CVE-2004-1007

6 documents6 sources
Severity
5.0MEDIUM
EPSS
0.7%
top 29.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Bogofilter Email FilterUbuntu Ubuntu Linux
Timeline
PublishedMar 1
Latest updateApr 29

Description

The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows remote attackers to cause a denial of service (application crash) via mail headers that cause a line feed (LF) to be replaced by a null byte that is written to an incorrect memory address.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDbogofilter/email_filter7 versions+6
Debianbogofilter< 0.92.8-1+3

Also affects: Ubuntu Linux 4.1

🔴Vulnerability Details

3
GHSA
GHSA-chqq-gr5j-843v: The quoted-printable decoder in bogofilter 02022-04-29
OSV
CVE-2004-1007: The quoted-printable decoder in bogofilter 02005-03-01
CVEList
CVE-2004-1007: The quoted-printable decoder in bogofilter 02004-11-04

📋Vendor Advisories

2
Ubuntu
bogofilter vulnerability2004-11-17
Debian
CVE-2004-1007: bogofilter - The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows remote attack...2004
CVE-2004-1007 (MEDIUM CVSS 5) | The quoted-printable decoder in bog | cvebase.io