CVE-2003-0143
published 2003-03-18CVE-2003-0143: The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated…
PriorityP340critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
8.60%
94.4th percentile
The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer overflow in a mdef command with a long macro name.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| qualcomm | qpopper | — | — |
| qualcomm | qpopper | — | — |
| qualcomm | qpopper | — | — |
| qualcomm | qpopper | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=104739841223916&w=2http://marc.info/?l=bugtraq&m=104748775900481&w=2http://marc.info/?l=bugtraq&m=104768137314397&w=2http://marc.info/?l=bugtraq&m=104792541215354&w=2http://www.debian.org/security/2003/dsa-259http://www.novell.com/linux/security/advisories/2003_018_qpopper.htmlhttp://www.securityfocus.com/bid/7058https://exchange.xforce.ibmcloud.com/vulnerabilities/11516http://marc.info/?l=bugtraq&m=104739841223916&w=2http://marc.info/?l=bugtraq&m=104748775900481&w=2http://marc.info/?l=bugtraq&m=104768137314397&w=2http://marc.info/?l=bugtraq&m=104792541215354&w=2http://www.debian.org/security/2003/dsa-259http://www.novell.com/linux/security/advisories/2003_018_qpopper.htmlhttp://www.securityfocus.com/bid/7058https://exchange.xforce.ibmcloud.com/vulnerabilities/11516
2003-03-18
Published