CVE-2005-0667 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Sylpheed-claws

8 documents7 sources

Severity

5.1MEDIUMNVD

EPSS

3.3%

top 12.69%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Sylpheed Altlinux ALT Linux Redhat Enterprise Linux +3 more

Timeline

PublishedMar 7

Latest updateMay 1

Description

Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message.

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages6 packages

▶Debiansylpheed/sylpheed< 1.0.3-1+2

▶NVDsylpheed/sylpheed14 versions+13

▶NVDsylpheed-claws/sylpheed-claws1.0.2

▶NVDaltlinux/alt_linux2.3

▶NVDredhat/fedora_corecore_3.0

Also affects: Enterprise Linux 2.1

Patches

Patch: secunia.com ↗Patch: sylpheed.good-day.net ↗Patch: sylpheed.good-day.net ↗

🔴Vulnerability Details

GHSA

GHSA-27rr-v6v6-57q8: Buffer overflow in Sylpheed before 1↗2022-05-01

▶

OSV

CVE-2005-0667: Buffer overflow in Sylpheed before 1↗2005-03-07

▶

CVEList

CVE-2005-0667: Buffer overflow in Sylpheed before 1↗2005-03-07

▶

📋Vendor Advisories

Red Hat

security flaw↗2005-03-07

▶

Debian

CVE-2005-0667: sylpheed - Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows ...↗2005

▶

💬Community

Bugzilla

CVE-2005-0667 security flaw↗2018-08-16

▶