Unrated severityNVD Advisory· Published Jan 3, 2005· Updated Apr 16, 2026

CVE-2004-1312

Description

A bug in the HTML parser in a certain Microsoft HTML library, as used in various third party products, may allow remote attackers to cause a denial of service via certain strings, as reported in GFI MailEssentials for Exchange 9 and 10, and GFI MailSecurity for Exchange 8, which causes emails to remain in IIS or Exchange mail queues.

Affected products

Gfi/Mailessentials3 versions
cpe:2.3:a:gfi:mailessentials:10.0:*:exchange_smtp:*:*:*:*:*+ 2 more
- cpe:2.3:a:gfi:mailessentials:10.0:*:exchange_smtp:*:*:*:*:*
- cpe:2.3:a:gfi:mailessentials:10.1:*:exchange_smtp:*:*:*:*:*
- cpe:2.3:a:gfi:mailessentials:9.0:*:exchange_smtp:*:*:*:*:*
Gfi/Mailsecurity
cpe:2.3:a:gfi:mailsecurity:8.0:*:exchange_smtp:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

kbase.gfi.com/showarticle.aspnvdPatchVendor Advisory
www.csis.dk/default.aspnvdVendor Advisory
secunia.com/advisories/13708nvd
www.securityfocus.com/bid/12148nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000