Incredimail Malformed MIME Message DoS Vulnerability Network Vulnerability

Summary

This host has Incredimail installed and is prone to denial of service vulnerability.

Impact

Successful exploitation could result in application crash. Impact Level: Application

Solution

Upgrade to latest version of Incredimail-5.8.5.3849 (5853849) http://www.incredimail.com/english/download/

Insight

Flaw is due to improper handling of multipart/mixed e-mail messages with many MIME parts and e-mail messages with many Content-type: message/rfc822 headers.

Affected

Incredimail 5.8.5.3710 (5853710) and prior on Windows.

References

http://mime.recurity.com/cgi-bin/twiki/view/Main/AttackIntro
http://www.securityfocus.com/archive/1/499038
http://www.securityfocus.com/archive/1/499045

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-5429
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Compaq Web SSI DoS
Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Linux)
chm2pdf Insecure Temporary File Creation or DoS Vulnerability
Asterisk RTP Text Frames Denial Of Service Vulnerability
ClamAV Remote Denial of Service Vulnerability

Take action and discover your vulnerabilities