PT-2003-2394 · Aladdin Knowledge Systems · Esafe Gateway

Publicado

2003-12-31

Atualizado

2017-07-29

CVE-2003-1449

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Aladdin Knowledge Systems eSafe Gateway version 3.5.126.0

Description The issue allows remote attackers to bypass virus protection due to incomplete checking of the Content Vectoring Protocol (CVP) data stream.

Recommendations For version 3.5.126.0, consider updating to a newer version that includes a fix for this issue, as the current version does not properly check CVP data, allowing attackers to bypass virus protection. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-16

Identificadores relacionados

CVE-2003-1449

Produtos afetados

Esafe Gateway

PT-2003-2394 · Aladdin Knowledge Systems · Esafe Gateway

CVE-2003-1449

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4