The vulnerability is due to improper error handling when malformed MIME headers are present in the email attachment. An attacker could exploit this vulnerability by sending an email with a crafted attachment encoded with MIME. A successful exploit could allow the attacker to bypass the configured email message and content filtering.
Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.
This advisory is available at the following link:
http://ift.tt/2eGuDak
The vulnerability is due to improper error handling when malformed MIME headers are present in the email attachment. An attacker could exploit this vulnerability by sending an email with a crafted attachment encoded with MIME. A successful exploit could allow the attacker to bypass the configured email message and content filtering.
Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.
This advisory is available at the following link:
http://ift.tt/2eGuDak
Security Impact Rating: Medium
CVE: CVE-2016-6372
from Cisco Security Advisory http://ift.tt/2eGuDak
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.