Vulnerability Name: | CVE-2003-0564 (CCN-13603) | ||||||||||||||||||||
Assigned: | 2003-11-04 | ||||||||||||||||||||
Published: | 2003-11-04 | ||||||||||||||||||||
Updated: | 2017-10-11 | ||||||||||||||||||||
Summary: | Multiple vulnerabilities in multiple vendor implementations of the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an S/MIME email message containing certain unexpected ASN.1 constructs, as demonstrated using the NISSC test suite. | ||||||||||||||||||||
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||||||||||||||
CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
| ||||||||||||||||||||
Vulnerability Type: | CWE-Other | ||||||||||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||||||||||
References: | Source: SGI Type: UNKNOWN 20040402-01-U Source: MITRE Type: CNA CVE-2003-0564 Source: HP Type: UNKNOWN SSRT4722 Source: FEDORA Type: UNKNOWN FLSA:2089 Source: CCN Type: RHSA-2004-110 mozilla security update Source: CCN Type: RHSA-2004-112 Updated Mozilla packages fix security issues Source: CCN Type: CIAC Information Bulletin O-106 Mozilla 1.4.2 Vulnerabilities Source: CCN Type: US-CERT VU#428230 Multiple vulnerabilities in S/MIME implementations Source: CERT-VN Type: Third Party Advisory, US Government Resource VU#428230 Source: MANDRAKE Type: UNKNOWN MDKSA-2004:021 Source: REDHAT Type: Patch, Vendor Advisory RHSA-2004:110 Source: REDHAT Type: UNKNOWN RHSA-2004:112 Source: CCN Type: SecuriTeam Mailing List, Security Holes & Exploits 18 Jan 2004 Malformed ASN.1 Exploit Code Source: BID Type: Vendor Advisory 8981 Source: CCN Type: BID-8981 Multiple Vendor S/MIME ASN.1 Parsing Denial of Service Vulnerabilities Source: CCN Type: NISCC Vulnerability Advisory - 006489/SMIME Vulnerability Issues in Implementations of the S/MIME Protocol Source: MISC Type: Patch, Vendor Advisory http://www.uniras.gov.uk/vuls/2003/006489/smime.htm Source: XF Type: UNKNOWN smime-asn1-bo(13603) Source: XF Type: UNKNOWN smime-asn1-bo(13603) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:11462 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:872 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:914 | ||||||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration RedHat 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||
| |||||||||||||||||||||
BACK |