PT-2001-1616 · Ritlabs · The Bat!

Published

2001-05-24

Updated

2008-09-05

CVE-2001-0398

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions The BAT! mail client (affected versions not specified)

Description The issue allows remote attackers to bypass user warnings of an executable attachment and execute arbitrary commands. This is achieved by sending an attachment whose file name contains many spaces, causing the mail client to misrepresent the attachment's type with a different icon.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-0398

Affected Products

The Bat!

PT-2001-1616 · Ritlabs · The Bat!

CVE-2001-0398

Related Identifiers

Affected Products

References · 3