Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Libspf2 Security Vulnerabilities

cve
cve

CVE-2008-2469

Heap-based buffer overflow in the SPF_dns_resolv_lookup function in Spf_dns_resolv.c in libspf2 before 1.2.8 allows remote attackers to execute arbitrary code via a long DNS TXT record with a modified length field.

7.7AI Score

0.911EPSS

2008-10-23 10:00 PM
34
cve
cve

CVE-2021-20314

Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages.

9.8CVSS

9.6AI Score

0.003EPSS

2021-08-12 03:15 PM
133
cve
cve

CVE-2021-33912

libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with a crafted SPF DNS record, because of incorrect sprintf usage in SPF_record_expand_data in spf_expan...

9.8CVSS

9.7AI Score

0.038EPSS

2022-01-19 06:15 PM
73
cve
cve

CVE-2021-33913

libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with a crafted SPF DNS record, because of SPF_record_expand_data in spf_expand.c. The amount of overflowed data de...

9.8CVSS

9.7AI Score

0.017EPSS

2022-01-19 06:15 PM
80