Multiple unspecified vulnerabilities in Tumbleweed MailGate Email Firewall (EMF) 6.x allow remote attackers to (1) trigger temporarily incorrect processing of an e-mail message under "extremely heavy loads" and (2) cause an "increased number of missed spam" during "spam outbreaks."

The installation of Tumbleweed Messaging Management System (MMS) 4.6 and earlier (formerly Worldtalk Worldsecure) creates a default account "sa" with no password.