S/MIME Protocol Vulnerabilities in Various Vendor Implementations
CVE-2003-0564

Currently unrated

Key Information:

Vendor: Hitachi
Status: Pki Runtime Library; Groupmax Mail - Security Option
Vendor: CVE Published:; 1 December 2003

Summary

Multiple vendors' implementations of the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol are vulnerable to multiple security issues. A remote attacker can exploit these vulnerabilities through specially crafted S/MIME email messages that include unexpected ASN.1 constructs, potentially leading to denial of service or arbitrary code execution. This risk highlights critical weaknesses in email security mechanisms and underlines the importance of staying updated and applying appropriate security patches.

References

http://www.redhat.com/support/errata/RHSA-2004-110.html

vendor-advisoryx_refsource_REDHAT

http://marc.info/?l=bugtraq&m=109900315219363&w=2

vendor-advisoryx_refsource_FEDORA

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

35% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 1, 2003
Vulnerability Reserved
Jul 15, 2003