Описание
The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer overflow in a mdef command with a long macro name.
Ссылки
- PatchVendor Advisory
- ExploitPatchVendor Advisory
- PatchVendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:qualcomm:qpopper:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:qualcomm:qpopper:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:qualcomm:qpopper:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:qualcomm:qpopper:4.0.4:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.09132
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
больше 22 лет назад
The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null te ...
github
около 3 лет назад
The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer overflow in a mdef command with a long macro name.
EPSS
Процентиль: 92%
0.09132
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other