CVE-2003-1485

Description

Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains "multiple extensions combined with large blocks of white space."

Affected products

• clearswift / mailsweeper4.0 – 4.0
• clearswift / mailsweeper4.1 – 4.1
• clearswift / mailsweeper4.2 – 4.2
• clearswift / mailsweeper4.3 – 4.3
• clearswift / mailsweeper4.3.3 – 4.3.3
• clearswift / mailsweeper4.3.4 – 4.3.4
• clearswift / mailsweeper4.3.5 – 4.3.5
• clearswift / mailsweeper4.3.6 – 4.3.6
• clearswift / mailsweeper4.3.6_sp1 – 4.3.6_sp1
• clearswift / mailsweeper4.3.7 – 4.3.7

References

• MISChttp://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm
• MISChttp://www.securityfocus.com/bid/7568