CVE-2006-3523

Name of the Vulnerable Software and Affected Versions Clearswift MIMEsweeper for Web versions prior to 5.1.15 Hotfix

Description The issue allows remote attackers to cause a denial of service, resulting in a crash, by sending an encrypted archived .RAR file. This triggers a scan error and causes the Web Policy Engine service to terminate.

Recommendations For versions prior to 5.1.15 Hotfix, update to version 5.1.15 Hotfix or later to resolve the issue. As a temporary workaround, consider restricting the processing of encrypted archived .RAR files to minimize the risk of exploitation.