Remote Command Execution Vulnerability in The BAT! Mail Client by Ritlabs
CVE-2001-0398

Currently unrated

Key Information:

Vendor: Ritlabs
Status: The Bat
Vendor: CVE Published:; 18 June 2001

What is CVE-2001-0398?

The BAT! mail client is susceptible to a remote command execution vulnerability that allows attackers to bypass user warnings for executable attachments. When an attachment's file name contains multiple spaces, it misleads the BAT! client into misrepresenting the attachment's type, displaying an incorrect icon. This flaw can be exploited to execute arbitrary commands on the user’s system, posing significant risks to data security and integrity.

References

http://www.securityfocus.com/bid/2530

vdb-entryx_refsource_BID

http://archives.neohapsis.com/archives/bugtraq/2001-04/00...

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 18, 2001
Vulnerability Reserved
May 24, 2001

CVE-2001-0398 Data

JSON