CVE-2006-0630
Published Feb 10, 2006
Last updated 6 years ago
Overview
- Description
- RITLabs The Bat! before 3.0.0.15 displays certain important headers from encapsulated data in message/partial MIME messages, instead of the real headers, which is in violation of RFC2046 header merging rules and allows remote attackers to spoof the origin of e-mail by sending a fragmented message, as demonstrated using spoofed Received: and Message-ID: headers.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ritlabs:the_bat:3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5896B50B-719E-4BCD-B481-B6C5A2783D29"
},
{
"criteria": "cpe:2.3:a:ritlabs:the_bat:3.0.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B9DE6F73-C434-4760-A07C-5AE9F5280F5F"
},
{
"criteria": "cpe:2.3:a:ritlabs:the_bat:3.0.0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2FAFE95B-1557-4D99-93DB-A3DE2E3A7A77"
},
{
"criteria": "cpe:2.3:a:ritlabs:the_bat:3.0.0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "287557CC-0854-4F6F-9E3A-9592A817BE21"
},
{
"criteria": "cpe:2.3:a:ritlabs:the_bat:3.0.0.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D45AF103-012C-4ED1-B241-233DA9780E8A"
},
{
"criteria": "cpe:2.3:a:ritlabs:the_bat:3.0.0.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "90B7F9BE-993C-4675-B000-4349DFF2698B"
},
{
"criteria": "cpe:2.3:a:ritlabs:the_bat:3.0.0.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CC28D8E5-D0AA-4967-9048-3D899AFC7B52"
},
{
"criteria": "cpe:2.3:a:ritlabs:the_bat:3.0.0.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F2D97DBB-CC22-49E9-A74B-C40BFCD9BEC7"
}
],
"operator": "OR"
}
]
}
]