Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom "on strip unsuccessful" hooks, which allows remote malicious users to bypass e-mail attachment filtering policies via an attachment that MAILsweeper can detect but not remove.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
clearswift_limited mailsweeper 4.3.6_sp1 |