Denial of Service Vulnerability in Symantec Brightmail AntiSpam 6.0.1
CVE-2004-1768

Currently unrated

Key Information:

Vendor: Symantec
Status: Brightmail Antispam
Vendor: CVE Published:; 17 December 2004

What is CVE-2004-1768?

The character converters in the Spamhunter and Language ID modules of Symantec Brightmail AntiSpam 6.0.1, prior to patch 132, are susceptible to a denial of service condition. Attackers can exploit this vulnerability by sending specially crafted messages utilizing the ISO-8859-10 character set, which the converters fail to recognize, leading to potential service interruptions and crashes.

References

http://www.kb.cert.org/vuls/id/697598

third-party-advisoryx_refsource_CERT-VN

ftp://ftp.symantec.com/public/english_us_canada/products/...

x_refsource_CONFIRM

http://secunia.com/advisories/13489

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Mar 10, 2005
Vulnerability published
Dec 17, 2004