Denial of Service Vulnerability in Microsoft HTML Library Affecting GFI Software
CVE-2004-1312

Currently unrated

Key Information:

Vendor: Gfi
Status: Mailessentials; Mailsecurity
Vendor: CVE Published:; 3 January 2005

What is CVE-2004-1312?

A flaw exists in the HTML parser of a Microsoft HTML library utilized by various third-party products, such as GFI MailEssentials and MailSecurity. This vulnerability can be exploited by remote attackers to generate specific strings that may cause a denial of service, resulting in email messages being stuck in the IIS or Exchange mail queues. Organizations using these affected products are advised to apply security measures to mitigate potential disruption.

References

http://secunia.com/advisories/13708

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/12148

vdb-entryx_refsource_BID

http://www.csis.dk/default.asp?m=1&a=194

x_refsource_MISC

Timeline

Vulnerability published
Jan 3, 2005
Vulnerability Reserved
Dec 21, 2004

Gfi

What is CVE-2004-1312?

References

Timeline