CVE-2004-1312

A bug in the HTML parser in a certain Microsoft HTML library, as used in various third party products, may allow remote attackers to cause a denial of service via certain strings, as reported in GFI MailEssentials for Exchange 9 and 10, and GFI MailSecurity for Exchange 8, which causes emails to remain in IIS or Exchange mail queues.

Published: Jan 3, 2005
Updated: Apr 13, 2023
CVE: CVE-2004-1312
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
gfi / mailessentials	10.1	10.1.x
gfi / mailessentials	10.0	10.0.x
gfi / mailessentials	9.0	9.0.x
gfi / mailsecurity	8.0	8.0.x

http://kbase.gfi.com/showarticle.asp?id=KBID002249
http://secunia.com/advisories/13708
http://www.csis.dk/default.asp?m=1&a=194
http://www.securityfocus.com/bid/12148

Vulnerability Database

289,697

CVE-2004-1312