Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2001-0398

The BAT! mail client allows remote attackers to bypass user warnings of an executable attachment and execute arbitrary commands via an attachment whose file name contains many spaces, which also causes the BAT! to misrepresent the attachment's type with a different icon.

Published

2001-06-18T04:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

6.4

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ritlabs	the_bat	1.0_build1336	Yes
Application	ritlabs	the_bat	1.0_build1349	Yes
Application	ritlabs	the_bat	1.1	Yes
Application	ritlabs	the_bat	1.011	Yes
Application	ritlabs	the_bat	1.14	Yes
Application	ritlabs	the_bat	1.15	Yes
Application	ritlabs	the_bat	1.015	Yes
Application	ritlabs	the_bat	1.17	Yes
Application	ritlabs	the_bat	1.18	Yes
Application	ritlabs	the_bat	1.19	Yes
Application	ritlabs	the_bat	1.21	Yes
Application	ritlabs	the_bat	1.22	Yes
Application	ritlabs	the_bat	1.028	Yes
Application	ritlabs	the_bat	1.029	Yes
Application	ritlabs	the_bat	1.31	Yes
Application	ritlabs	the_bat	1.031	Yes
Application	ritlabs	the_bat	1.32	Yes
Application	ritlabs	the_bat	1.032	Yes
Application	ritlabs	the_bat	1.33	Yes
Application	ritlabs	the_bat	1.34	Yes
Application	ritlabs	the_bat	1.035	Yes
Application	ritlabs	the_bat	1.35	Yes
Application	ritlabs	the_bat	1.036	Yes
Application	ritlabs	the_bat	1.36	Yes
Application	ritlabs	the_bat	1.037	Yes
Application	ritlabs	the_bat	1.39	Yes
Application	ritlabs	the_bat	1.039	Yes
Application	ritlabs	the_bat	1.041	Yes
Application	ritlabs	the_bat	1.41	Yes
Application	ritlabs	the_bat	1.42	Yes
Application	ritlabs	the_bat	1.42f	Yes
Application	ritlabs	the_bat	1.043	Yes
Application	ritlabs	the_bat	1.43	Yes
Application	ritlabs	the_bat	1.44	Yes
Application	ritlabs	the_bat	1.45	Yes
Application	ritlabs	the_bat	1.46	Yes
Application	ritlabs	the_bat	1.47	Yes
Application	ritlabs	the_bat	1.48	Yes
Application	ritlabs	the_bat	1.49	Yes
Application	ritlabs	the_bat	1.101	Yes

References

http://archives.neohapsis.com/archives/bugtraq/2001-04/0013.html Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/2530 Exploit, Patch, Vendor Advisory ([email protected])
http://archives.neohapsis.com/archives/bugtraq/2001-04/0013.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/2530 Exploit, Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)