CVE Reference: CVE-2007-2958

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2007-2958

Description:
Format string vulnerability in the inc_put_error function in src/inc.c in Sylpheed 2.4.4, and Sylpheed-Claws (Claws Mail) 1.9.100 and 2.10.0, allows remote POP3 servers to execute arbitrary code via format string specifiers in crafted replies.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/36238

SUSE
  http://www.novell.com/linux/security/advisories/2007_20_sr.html

SAID
  Secunia Advisory: SA26550
  Secunia Advisory: SA26610
  Secunia Advisory: SA27229
  Secunia Advisory: SA27379

OSVDB
  40184

MISC
  http://secunia.com/secunia_research/2007-70/advisory/

GENTOO
  http://security.gentoo.org/glsa/glsa-200710-29.xml

FEDORA

CONFIRM
  http://bugs.gentoo.org/show_bug.cgi?id=190104

BID
  25430


Return to the previous page.