Unrated severityNVD Advisory· Published May 5, 2011· Updated Apr 29, 2026

CVE-2011-1904

Description

An unspecified function in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary commands via unknown vectors, related to a "command injection" issue.

Affected products

Proofpoint/Messaging Security Gateway
cpe:2.3:a:proofpoint:messaging_security_gateway:*:*:*:*:*:*:*:*
Range: <=6.2.0.263\:6.2.0.237
Proofpoint/Protection Server6 versions
cpe:2.3:a:proofpoint:protection_server:5.5.3:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:proofpoint:protection_server:5.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:proofpoint:protection_server:5.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:proofpoint:protection_server:5.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:proofpoint:protection_server:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:proofpoint:protection_server:6.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:proofpoint:protection_server:6.2.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/790980nvdUS Government Resource
www.clearskies.net/documents/css-advisory-css1105-proofpoint.phpnvd
support.proofpoint.com/article.cginvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000