5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.003 Low
EPSS
Percentile
71.0%
The bogofilter team has been provided with a test case of a
malformatted (non-conformant) RFC-2047 encoded word that can cause
bogofilter versions 0.92.7 and prior to try to write a NUL byte into
a memory location that is either one byte past the end of a flex
buffer or to a location that is the negative of the encoded word’s
start of payload data, causing a segmentation fault.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | bogofilter | = 0.17.4 | UNKNOWN |
FreeBSD | any | noarch | bogofilter | < 0.92.8 | UNKNOWN |
FreeBSD | any | noarch | bogofilter-qdbm | = 0.17.4 | UNKNOWN |
FreeBSD | any | noarch | bogofilter-qdbm | < 0.92.8 | UNKNOWN |
FreeBSD | any | noarch | bogofilter-tdb | = 0.17.4 | UNKNOWN |
FreeBSD | any | noarch | bogofilter-tdb | < 0.92.8 | UNKNOWN |
FreeBSD | any | noarch | ru-bogofilter | = 0.17.4 | UNKNOWN |
FreeBSD | any | noarch | ru-bogofilter | < 0.92.8 | UNKNOWN |