CVE-2002-1121 (CNNVD-200209-051)
中文标题:
多个供应商电子邮件消息分段SMTP过滤器绕过漏洞
英文标题:
SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterS...
漏洞描述
中文描述:
(1)Exchange/SMTP 7.2之前版本的GFI MailSecurity,(2) InterScan VirusWall 3.52 build 1494之前版本,(3)MIMEDefang 2.21之前版本的默认配置,和可能其他的产品的SMTP目录过滤器引擎不能检测到电子邮件的碎片,正如在RFC2046(“消息分段和重新装配”)中定义的和在如Outlook Express产品中支持的。远程攻击者借助message/partial目录类型的电子邮件碎片绕过目录过滤器包含病毒检查。
英文描述:
SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect fragmented emails as defined in RFC2046 ("Message Fragmentation and Reassembly") and supported in such products as Outlook Express, which allows remote attackers to bypass content filtering, including virus checking, via fragmented emails of the message/partial content type.
CWE类型:
标签:
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| gfi | mailsecurity | 7.2 | - | - |
cpe:2.3:a:gfi:mailsecurity:7.2:*:exchange_smtp:*:*:*:*:*
|
| network_associates | webshield_smtp | 4.0.5 | - | - |
cpe:2.3:a:network_associates:webshield_smtp:4.0.5:*:*:*:*:*:*:*
|
| network_associates | webshield_smtp | 4.5 | - | - |
cpe:2.3:a:network_associates:webshield_smtp:4.5:*:*:*:*:*:*:*
|
| network_associates | webshield_smtp | 4.5.44 | - | - |
cpe:2.3:a:network_associates:webshield_smtp:4.5.44:*:*:*:*:*:*:*
|
| network_associates | webshield_smtp | 4.5.74.0 | - | - |
cpe:2.3:a:network_associates:webshield_smtp:4.5.74.0:*:*:*:*:*:*:*
|
| roaring_penguin | canit | 1.2 | - | - |
cpe:2.3:a:roaring_penguin:canit:1.2:*:*:*:*:*:*:*
|
| roaring_penguin | mimedefang | 2.14 | - | - |
cpe:2.3:a:roaring_penguin:mimedefang:2.14:*:*:*:*:*:*:*
|
| roaring_penguin | mimedefang | 2.20 | - | - |
cpe:2.3:a:roaring_penguin:mimedefang:2.20:*:*:*:*:*:*:*
|
| trend_micro | interscan_viruswall | 3.5 | - | - |
cpe:2.3:a:trend_micro:interscan_viruswall:3.5:*:*:*:*:*:*:*
|
| trend_micro | interscan_viruswall | 3.51 | - | - |
cpe:2.3:a:trend_micro:interscan_viruswall:3.51:*:*:*:*:*:*:*
|
| trend_micro | interscan_viruswall | 3.52 | - | - |
cpe:2.3:a:trend_micro:interscan_viruswall:3.52:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
英文解决方案:
临时解决方案:
参考链接
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
CVSS评分详情
AV:N/AC:L/Au:N/C:P/I:P/A:P
时间信息
利用信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2002-1121 |
2025-11-11 15:17:24 | 2025-11-11 07:32:16 |
| NVD | nvd_CVE-2002-1121 |
2025-11-11 14:50:27 | 2025-11-11 07:41:03 |
| CNNVD | cnnvd_CNNVD-200209-051 |
2025-11-11 15:08:41 | 2025-11-11 07:48:48 |
版本与语言
安全公告
变更历史
查看详细变更
- vulnerability_type: 未提取 -> 授权问题
- cnnvd_id: 未提取 -> CNNVD-200209-051
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
查看详细变更
- severity: SeverityLevel.MEDIUM -> SeverityLevel.HIGH
- cvss_score: 未提取 -> 7.5
- cvss_vector: NOT_EXTRACTED -> AV:N/AC:L/Au:N/C:P/I:P/A:P
- cvss_version: NOT_EXTRACTED -> 2.0
- affected_products_count: 0 -> 11
- data_sources: ['cve'] -> ['cve', 'nvd']