Lucene search

[email protected]CVE-2012-5468

HistoryDec 18, 2012 - 1:55 a.m.

CVE-2012-5468

2012-12-1801:55:03

CWE-119

[email protected]

web.nvd.nist.gov

cve-2012-5468

bogofilter

buffer overflow

denial of service

execute arbitrary code

nvd

iconvert.c

bogolexer

base64 string

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.179 Low

EPSS

Percentile

96.2%

JSON

Heap-based buffer overflow in iconvert.c in the bogolexer component in Bogofilter before 1.2.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an email containing a base64 string that is decoded to incomplete multibyte characters.

Affected configurations

NVD

Node

bogofilter_projectbogofilterRange≤1.2.2

bogofilter_projectbogofilterMatch1.0.0

bogofilter_projectbogofilterMatch1.0.1

bogofilter_projectbogofilterMatch1.0.2

bogofilter_projectbogofilterMatch1.0.3

bogofilter_projectbogofilterMatch1.1.0

bogofilter_projectbogofilterMatch1.1.1

bogofilter_projectbogofilterMatch1.1.2

bogofilter_projectbogofilterMatch1.1.3

bogofilter_projectbogofilterMatch1.1.4

bogofilter_projectbogofilterMatch1.1.5

bogofilter_projectbogofilterMatch1.1.6

bogofilter_projectbogofilterMatch1.1.7

bogofilter_projectbogofilterMatch1.2.0

bogofilter_projectbogofilterMatch1.2.1

CPENameOperatorVersion
bogofilter_project:bogofilterbogofilter project bogofilterle1.2.2
bogofilter_project:bogofilterbogofilter project bogofiltereq1.0.0
bogofilter_project:bogofilterbogofilter project bogofiltereq1.0.1
bogofilter_project:bogofilterbogofilter project bogofiltereq1.0.2
bogofilter_project:bogofilterbogofilter project bogofiltereq1.0.3
bogofilter_project:bogofilterbogofilter project bogofiltereq1.1.0
bogofilter_project:bogofilterbogofilter project bogofiltereq1.1.1
bogofilter_project:bogofilterbogofilter project bogofiltereq1.1.2
bogofilter_project:bogofilterbogofilter project bogofiltereq1.1.3
bogofilter_project:bogofilterbogofilter project bogofiltereq1.1.4

CPE	Name	Operator	Version
bogofilter_project:bogofilter	bogofilter project bogofilter	le	1.2.2
bogofilter_project:bogofilter	bogofilter project bogofilter	eq	1.0.0
bogofilter_project:bogofilter	bogofilter project bogofilter	eq	1.0.1
bogofilter_project:bogofilter	bogofilter project bogofilter	eq	1.0.2
bogofilter_project:bogofilter	bogofilter project bogofilter	eq	1.0.3
bogofilter_project:bogofilter	bogofilter project bogofilter	eq	1.1.0
bogofilter_project:bogofilter	bogofilter project bogofilter	eq	1.1.1
bogofilter_project:bogofilter	bogofilter project bogofilter	eq	1.1.2
bogofilter_project:bogofilter	bogofilter project bogofilter	eq	1.1.3
bogofilter_project:bogofilter	bogofilter project bogofilter	eq	1.1.4