CVE-2012-0802
7.6 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.136 Low
EPSS
Percentile
95.6%
Multiple buffer overflows in Spamdyke before 4.3.0 might allow remote attackers to execute arbitrary code via vectors related to “serious errors in the usage of snprintf()/vsnprintf()” in which the return values may be larger than the size of the buffer.
References
secunia.com/advisories/47548
secunia.com/advisories/48257
security.gentoo.org/glsa/glsa-201203-01.xml
www.mail-archive.com/spamdyke-release%40spamdyke.org/msg00014.html
www.openwall.com/lists/oss-security/2012/01/23/5
www.osvdb.org/78351
www.securityfocus.com/bid/51440
www.spamdyke.org/documentation/Changelog.txt
Related
7.6 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.136 Low
EPSS
Percentile
95.6%