exploitDog

CVE-2014-3618

Опубликовано: 04 сент. 2014

Источник: redhat

CVSS2: 6.8

Описание

Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."

A heap-based buffer overflow flaw was found in procmail's formail utility. A remote attacker could send an email with specially crafted headers that, when processed by formail, could cause procmail to crash or, possibly, execute arbitrary code as the user running formail.

Ссылки на источники

Дополнительная информация

Статус:

Important

Дефект:

CWE-228->CWE-122

https://bugzilla.redhat.com/show_bug.cgi?id=1137581procmail: Heap-overflow in procmail's formail utility when processing specially-crafted email headers

6.8 Medium

CVSS2

Связанные уязвимости

CVE-2014-3618

ubuntu

почти 11 лет назад

Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."

CVE-2014-3618

nvd

почти 11 лет назад

Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."

CVE-2014-3618

msrc

больше 3 лет назад

Описание отсутствует

CVE-2014-3618

debian

почти 11 лет назад

Heap-based buffer overflow in formisc.c in formail in procmail 3.22 al ...

GHSA-j8hf-r298-62j6

github

около 3 лет назад

Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."

6.8 Medium

CVSS2