VULHUB ™

Multiple filter bypass vulnerabilities have been reported in numerous software implementations due to ambiguities in MIME encapsulation standards (RFCs 822, and 2045 through 2049). The following types of software may be impacted by these issues: - Email clients - Web clients - Antivirus products - Email content filters - Web content filters The source of the problem is that affected implementations may not handle malformed or incorrect MIME encapsulated data. As a result, various MIME encapsulation techniques could be used to allow MIME attachments to pass on through when they should be rejected due to being malformed or incorrect. This could have various consequences depending on the implementation, but will also generally require that the client receiving the attachment will be able to interpret the malformed attachment. A conclusive list of affected implementations is not available at this time. This BID will be updated as more vendor products are determined to be vulnerable.

Multiple filter bypass vulnerabilities have been reported in numerous software implementations due to ambiguities in MIME encapsulation standards (RFCs 822, and 2045 through 2049). The following types of software may be impacted by these issues: - Email clients - Web clients - Antivirus products - Email content filters - Web content filters The source of the problem is that affected implementations may not handle malformed or incorrect MIME encapsulated data. As a result, various MIME encapsulation techniques could be used to allow MIME attachments to pass on through when they should be rejected due to being malformed or incorrect. This could have various consequences depending on the implementation, but will also generally require that the client receiving the attachment will be able to interpret the malformed attachment. A conclusive list of affected implementations is not available at this time. This BID will be updated as more vendor products are determined to be vulnerable.