vulnerability announce 11347

Clearswift Email, Web Gateway: denial of service via iWork

Synthesis of the vulnerability

An attacker can use an iWork document containing an empty Zip64 header, in order to create an infinite loop in Clearswift products.

Severity: 3/4. Creation date: 08/02/2012.

Impacted products

• Clearswift MIMEsweeper
• Clearswift SECURE Email Gateway
• Clearswift SECURE Web Gateway

Description of the vulnerability

The Apple iWork office suite creates documents compressed in the Zip64 format. Clearswift products decode iWork archives, in order to analyze their content. However, if a Zip64 header is empty, an infinite loop occurs when Clearswift tries to decode it. An attacker can therefore use an iWork document containing an empty Zip64 header, in order to create an infinite loop in Clearswift products.

Share this bulletin

Complete Vigil@nce bulletin

Clearswift Email, Web Gateway: denial of service via iWork

Characteristics

Title: Clearswift Email, Web Gateway: denial of service via iWork. Keywords: Apple Clearswift Email Gateway Zip64 denial iWork service. Identifiers: VIGILANCE-VUL-11347.

Information sources

Publications and announces Source example: ReadMe for CLEARSWIFT SECURE Email Gateway 3_4_1 and Edge Server 3_4_1 Upgrade

Solutions for this vulnerability

Patch or workaround

Computer vulnerabilities tracking service

Vigil@nce provides a software vulnerability note. The technology watch team tracks security threats targeting the computer system. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system. The Vigil@nce vulnerability database contains several thousand vulnerabilities.