Email Spoofing Vulnerability in RITLabs The Bat! Mail Client
CVE-2006-0630
Currently unrated
What is CVE-2006-0630?
RITLabs The Bat! prior to version 3.0.0.15 improperly displays certain headers taken from the encapsulated data in message/partial MIME messages. This behavior violates the header merging rules specified in RFC 2046 and makes it possible to spoof the origin of an email. An attacker can exploit the flaw by sending a fragmented message with falsified 'Received:' and 'Message-ID:' headers, potentially misleading the recipient about the actual source of the email.
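
The header merge that RFC 2046 section 5.2.2.1 prescribes for the first message/partial fragment, as an added example (not code from The Bat! or from this advisory). The sample message, its hosts and addresses are constructed, and the names `merge_headers` and `from_inner` are chosen here for illustration.

```python
from email import message_from_string
from email.message import Message

# RFC 2046 section 5.2.2.1: these fields, plus every "Content-*" field, come from
# the enclosed message (rule 3); all other fields come from the first enclosing
# fragment (rule 2). Anything else inside the enclosed message is dropped.
INNER_FIELDS = {"subject", "message-id", "encrypted", "mime-version"}

def from_inner(name: str) -> bool:
    name = name.lower()
    return name.startswith("content-") or name in INNER_FIELDS

def merge_headers(first: Message):
    """Return (merged, dropped) header lists for fragment number 1."""
    if first.get_content_type() != "message/partial":
        raise ValueError("not a message/partial fragment")
    if first.get_param("number") != "1":
        # Rule 4: headers of later fragments are discarded entirely.
        raise ValueError("only the first fragment contributes headers")
    payload = first.get_payload()
    inner = payload[0] if isinstance(payload, list) else message_from_string(payload)
    merged = [(k, v) for k, v in first.items() if not from_inner(k)]
    merged += [(k, v) for k, v in inner.items() if from_inner(k)]
    # Inner fields a compliant client must not show; worth logging when present.
    dropped = [(k, v) for k, v in inner.items() if not from_inner(k)]
    return merged, dropped

# Constructed sample: every host and address below is a placeholder.
SAMPLE = """\
Received: from mx.real.example by mail.rcpt.example; Mon, 6 Feb 2006 10:00:00 +0000
From: sender@real.example
To: user@rcpt.example
Subject: fragment 1
MIME-Version: 1.0
Content-Type: message/partial; id="frag-1@real.example"; number=1; total=2

Received: from mx.trusted.example by mail.rcpt.example; Mon, 6 Feb 2006 09:00:00 +0000
From: ceo@trusted.example
Subject: Quarterly report
MIME-Version: 1.0
Content-Type: text/plain

First half of the body
"""

if __name__ == "__main__":
    merged, dropped = merge_headers(message_from_string(SAMPLE))
    print("\n".join(f"{k}: {v}" for k, v in merged))
    print("ignored inner fields:", [k for k, _ in dropped])
```

A non-empty `dropped` list containing `Received` or `From` is a useful signal for a mail gateway or client to log, since a compliant reassembly never displays those inner fields.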
