Description
Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, which allows remote attackers to bypass intended policy.
Affected products
- clearswift / mailsweeper4.3.15
References
- VENDOR_ADVISORYhttp://www.corsaire.com/advisories/c030807-001.txt
- MAILING_LISThttp://marc.info/?l=bugtraq&m=109241692108678&w=2