RITLabs The Bat! before 3.0.0.15 displays certain important headers taken from the encapsulated data in message/partial MIME messages instead of the real headers, in violation of the RFC 2046 header merging rules. This allows remote malicious users to spoof the origin of e-mail by sending a fragmented message, as demonstrated using spoofed Received: and Message-ID: headers.
Vulnerable Product |
---|
ritlabs the bat 3.0.0.11 |
ritlabs the bat 3.0.0.12 |
ritlabs the bat 3.0 |
ritlabs the bat 3.0.0.10 |
ritlabs the bat 3.0.0.14 |
ritlabs the bat 3.0.0.7 |
ritlabs the bat 3.0.0.8 |
ritlabs the bat 3.0.0.9 |
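
The RFC 2046 (section 5.2.2.1) header merging rules that the description above refers to, as an added Python example that is not code from The Bat! or from the advisory. It covers only the first fragment (headers of later fragments are discarded entirely), and the function names and the sample message are constructed for illustration.

```python
from email import message_from_string

# Fields RFC 2046 section 5.2.2.1 takes from the enclosed (inner) message;
# every other field must come from the first enclosing (outer) message.
INNER_FIELDS = {"subject", "message-id", "encrypted", "mime-version"}

def from_inner(name):
    n = name.lower()
    return n.startswith("content-") or n in INNER_FIELDS

def split_fragment(first_fragment):
    """Parse the first message/partial fragment into (outer, inner) messages."""
    outer = message_from_string(first_fragment)
    payload = outer.get_payload()
    # The stdlib parser normally nests message/* bodies as a Message object.
    inner = payload[0] if isinstance(payload, list) else message_from_string(payload)
    return outer, inner

def merge_headers(first_fragment):
    """Headers a compliant client displays for the reassembled message."""
    outer, inner = split_fragment(first_fragment)
    merged = [(k, v) for k, v in outer.items() if not from_inner(k)]
    merged += [(k, v) for k, v in inner.items() if from_inner(k)]
    return merged

def dropped_inner_headers(first_fragment):
    """Inner fields that must be ignored, e.g. a Received: line that never
    passed through a real relay. Useful to log or flag during triage."""
    _, inner = split_fragment(first_fragment)
    return [(k, v) for k, v in inner.items() if not from_inner(k)]

# Constructed sample: the inner Received: line is not transport data.
SAMPLE = (
    "Received: from relay.example.net by mx.example.org; Mon, 1 Jan 2001 00:00:00 +0000\n"
    "From: sender@example.net\n"
    "Message-ID: <frag1@example.net>\n"
    "MIME-Version: 1.0\n"
    'Content-Type: message/partial; id="abc@example.net"; number=1; total=2\n'
    "\n"
    "Received: from trusted.example.com by mx.example.org; Mon, 1 Jan 2001 00:00:00 +0000\n"
    "Message-ID: <whole@example.net>\n"
    "Subject: Quarterly report\n"
    "MIME-Version: 1.0\n"
    "Content-Type: text/plain\n"
    "\n"
    "first half of the body\n"
)
```
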