RITLabs The Bat! before 3.0.0.15 displays certain important headers from encapsulated data in message/partial MIME messages, instead of the real headers, which is in violation of RFC2046 header merging rules and allows remote attackers to spoof the origin of e-mail by sending a fragmented message, as demonstrated using spoofed Received: and Message-ID: headers.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2006-02-10 11:02
Updated : 2024-02-28 10:42
NVD link : CVE-2006-0630
Mitre link : CVE-2006-0630
CVE.ORG link : CVE-2006-0630
JSON object : View
Products Affected
ritlabs
- the_bat
CWE