Incredimail Malformed MIME Message DoS Vulnerability Network Vulnerability

Summary

This host has Incredimail installed and is prone to denial of service vulnerability.

Impact

Successful exploitation could result in application crash. Impact Level: Application

Solution

Upgrade to latest version of Incredimail-5.8.5.3849 (5853849) http://www.incredimail.com/english/download/

Insight

Flaw is due to improper handling of multipart/mixed e-mail messages with many MIME parts and e-mail messages with many Content-type: message/rfc822 headers.

Affected

Incredimail 5.8.5.3710 (5853710) and prior on Windows.

References

http://mime.recurity.com/cgi-bin/twiki/view/Main/AttackIntro
http://www.securityfocus.com/archive/1/499038
http://www.securityfocus.com/archive/1/499045

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-5429

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

EtherApe RPC Packet Processing Denial of Service Vulnerability
ClamAV Recursion Level Handling Denial of Service Vulnerability (Windows)
at32 Reverse Proxy Multiple HTTP Header Fields Denial Of Service Vulnerability
FreeRADIUS Tunnel-Password Denial Of Service Vulnerability
CUPS 'scheduler/select.c' Denial Of Service Vulnerability

Take action and discover your vulnerabilities