VDB
CVE-2003-0564
CVE-2003-0564
PUBLISHED
CVSS 5 MEDIUM
Multiple vulnerabilities in multiple vendor implementations of the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an S/MIME email message containing certain unexpected ASN.1 constructs, as demonstrated using the NISSC test suite.
EPSS 36.48% · 97.2th percentile
Risk Scores
CVSS 2.0
5
EPSS Score
36.48%
97.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| hitachi | pki_runtime_library | |
| hitachi | groupmax_mail_-_security_option | 6.0 |
| n/a | n/a | * |
Timeline
- Nov 6, 2003 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
- Oct 30, 2023 EPSS Score
References
- RHSA-2004:110 vendor-advisory
- FLSA:2089 vendor-advisory
- oval:org.mitre.oval:def:11462 vdb
- http://www.uniras.gov.uk/vuls/2003/006489/smime.htm url
- 8981 vdb
- RHSA-2004:112 vendor-advisory
- smime-asn1-bo(13603) vdb
- oval:org.mitre.oval:def:872 vdb
- SSRT4722 vendor-advisory
- MDKSA-2004:021 vendor-advisory
- 20040402-01-U vendor-advisory
- VU#428230 third-party-advisory
- oval:org.mitre.oval:def:914 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2003-0564 advisory