Remote Information Disclosure in Brightmail Spamfilter by Symantec
CVE-2004-0671

Currently unrated

Key Information:

Vendor: Symantec
Status: Brightmail Antispam
Vendor: CVE Published:; 6 August 2004

What is CVE-2004-0671?

The Brightmail Spamfilter, an email filtering product by Symantec, is susceptible to a remote information disclosure vulnerability. By manipulating the 'id' parameter in a specific request ('viewMsgDetails.do'), attackers can gain unauthorized access to the email messages of other users. This flaw in versions 6.0 and earlier beta releases compromises user confidentiality and allows potential exploitation by malicious actors.

References

http://marc.info/?l=bugtraq&m=108880205115802&w=2

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/16609

vdb-entryx_refsource_XF

http://marc.info/?l=bugtraq&m=108981452101353&w=2

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 6, 2004
Vulnerability Reserved
Jul 12, 2004