CVE-2008-5429

Incredimail build 5853710 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers, which allows remote attackers to cause a denial of service (stack consumption or other resource consumption) via a large e-mail message, a related issue to CVE-2006-1173.
Configurations

Configuration 1 (hide)

cpe:2.3:a:incredimail:incredimail:5.85:*:*:*:*:*:*:*

History

21 Nov 2024, 00:54

Type Values Removed Values Added
References () http://mime.recurity.com/cgi-bin/twiki/view/Main/AttackIntro - Exploit () http://mime.recurity.com/cgi-bin/twiki/view/Main/AttackIntro - Exploit
References () http://securityreason.com/securityalert/4721 - () http://securityreason.com/securityalert/4721 -
References () http://www.securityfocus.com/archive/1/499038/100/0/threaded - () http://www.securityfocus.com/archive/1/499038/100/0/threaded -
References () http://www.securityfocus.com/archive/1/499045/100/0/threaded - () http://www.securityfocus.com/archive/1/499045/100/0/threaded -

Information

Published : 2008-12-11 15:30

Updated : 2024-11-21 00:54


NVD link : CVE-2008-5429

Mitre link : CVE-2008-5429

CVE.ORG link : CVE-2008-5429


JSON object : View

Products Affected

incredimail

  • incredimail
CWE
CWE-399

Resource Management Errors