ripMIME MIME Attachment Decoding Weakness
It is reported that a weakness exists in ripMIMEs decoding routine.
If ripMIME is being used in conjunction with a virus scanning, or other similar type of application, this weakness has the affect of not passing the attachment to the engine. This means that the attachments will bypass the scanning process.
By bypassing the scanning process, the message may then be passed on to an end user while still containing virus, or other malicious code that should have been blocked by the filter.
Attackers may exploit this weakness by forming malicious content designed to pass through filtering software. This content is designed to be decoded by the end users MUA. Some MUAs may decode the MIME attachments, even though they are formed incorrectly, allowing the malicious content to be delivered.
Version 184.108.40.206 has been released which fixes this weakness.