High severity7.3NVD Advisory· Published Jun 26, 2017· Updated May 13, 2026

CVE-2017-6324

Description

The Symantec Messaging Gateway, when processing a specific email attachment, can allow a malformed or corrupted Word file with a potentially malicious macro through despite the administrator having the 'disarm' functionality enabled. This constitutes a 'bypass' of the disarm functionality resident to the application.

Affected products

Symantec/Messaging Gateway
cpe:2.3:a:symantec:messaging_gateway:*:*:*:*:*:*:*:*
Range: <=10.6.2
Symantec Corporation/Messaging Gatewayv5
Range: All versions prior to version 10.6.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/98889nvdThird Party AdvisoryVDB Entry
www.symantec.com/security_response/securityupdates/detail.jspnvdVendor Advisory
www.securitytracker.com/id/1038785nvd

News mentions

No linked articles in our index yet.

cvss	0.474
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000