Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2010-0562
HistoryFeb 08, 2010 - 9:30 p.m.

CVE-2010-0562

2010-02-0821:30:00
CWE-119
[email protected]
web.nvd.nist.gov
30
cve-2010-0562
fetchmail
sdump function
heap-based buffer overflow
application crash
denial of service
remote code execution
ssl x.509 certificate.

8.1 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.116 Low

EPSS

Percentile

95.2%

JSON

The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, when running in verbose mode on platforms for which char is signed, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an SSL X.509 certificate containing non-printable characters with the high bit set, which triggers a heap-based buffer overflow during escaping.

Related

altlinux 2
securityvulns 2
openvas 8
nessus 5
debiancve 1
ubuntucve 1
freebsd 1
prion 1
fedora 1
gentoo 1
altlinux
altlinux
Security fix for the ALT Linux 6 package fetchmail version 6.3.14-alt1
2010-03-27 00:00:00
Security fix for the ALT Linux 5 package fetchmail version 6.3.14-alt1
2010-03-27 00:00:00
securityvulns
securityvulns
[ MDVSA-2010:037 ] fetchmail
2010-02-16 00:00:00
fetchmail buffer overflow
2010-02-16 00:00:00
openvas
openvas
FreeBSD Ports: fetchmail
2010-02-18 00:00:00
Mandriva Update for fetchmail MDVSA-2010:037 (fetchmail)
2010-02-19 00:00:00
FreeBSD Ports: fetchmail
2010-02-18 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : fetchmail (MDVSA-2010:037)
2010-07-30 00:00:00
FreeBSD : fetchmail -- heap overflow on verbose X.509 display (2a6a966f-1774-11df-b5c1-0026189baca3)
2010-02-15 00:00:00
Fedora 12 : fetchmail-6.3.11-4.fc12 (2010-3800)
2010-07-01 00:00:00
debiancve
debiancve
CVE-2010-0562
2010-02-08 21:30:00
ubuntucve
ubuntucve
CVE-2010-0562
2010-02-08 00:00:00
freebsd
freebsd
fetchmail -- heap overflow on verbose X.509 display
2010-02-04 00:00:00
prion
prion
Heap overflow
2010-02-08 21:30:00
fedora
fedora
[SECURITY] Fedora 12 Update: fetchmail-6.3.11-4.fc12
2010-03-06 03:52:56
gentoo
gentoo
Fetchmail: Multiple vulnerabilities
2010-06-01 00:00:00

8.1 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.116 Low

EPSS

Percentile

95.2%

JSON
Related for CVE-2010-0562
altlinux2securityvulns2openvas8nessus5debiancve1ubuntucve1freebsd1prion1fedora1gentoo1