Lucene search
K

318 matches found

ThreatPost
ThreatPost
added 2010/04/28 8:22 p.m.5 views

PDF Malware Using New Attack Technique

A fresh batch of malicious PDFs is making the rounds via email, with the attackers trying to trick users into opening the files by making them look like instructions for an update to their email accounts. The difference this time, however, is that the attack uses a technique recently published by...

1.1AI score
Exploits0References4
OSV
OSV
added 2008/12/23 6:30 p.m.10 views

CVE-2008-5514

Off-by-one error in the rfc822outputchar function in the RFC822BUFFER routines in the University of Washington UW c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attackers to cause a denial of service crash via an e-mail message...

6.3AI score0.01764EPSS
Exploits1References10
UbuntuCve
UbuntuCve
added 2008/11/10 2:12 p.m.21 views

CVE-2008-5005

Multiple stack-based buffer overflows in 1 University of Washington IMAP Toolkit 2002 through 2007c, 2 University of Washington Alpine 2.00 and earlier, and 3 Panda IMAP allow a local users to gain privileges by specifying a long folder extension argument on the command line to the tmail or dmail...

10CVSS6.5AI score0.06355EPSS
Exploits0References1
seebug.org
seebug.org
added 2007/06/14 12:0 a.m.24 views

Vista Windows Mail客户端本地文件执行漏洞(MS07-034)

Windows Mail是Windows Vista所捆绑的默认邮件客户端。 Vista Windows Mail在处理邮件中的链接时存在漏洞,远程攻击者可能利用此漏洞在用户机器上执行恶意代码。 如果文件夹中存在相同名称的可执行文件的话,则如果用户点击了邮件中恶意链接的话,Vistas Mail客户端就会执行该可执行文件。假设C:\盘下存在名为blah的文件夹,同时该盘下还存在名为blah.bat的批处理脚本,则如果用户点击了邮件中目标设置为C:\blah的URL的话,就会未经提示执行批处理脚本。 例如,发送包含有以下URL的HTML邮件消息: a...

7.1AI score
Exploits0
CVE
CVE
added 2007/04/30 11:0 p.m.41 views

CVE-2007-2372

CVE-2007-2372 affects phpMyNewsletter 0.8 beta5 and earlier. The admin/send_mod.php path prints a Location header but does not exit when administrative credentials are missing, enabling remote attackers to craft an e-mail via a POST containing subject, message, format, and list_id, then send the ...

10CVSS6.7AI score0.08201EPSS
Exploits1References2Affected Software1
Symantec
Symantec
added 2006/04/11 12:0 a.m.29 views

Microsoft Internet Explorer HTML Tag Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. This is related to the handling of certain HTML tags. Attackers could exploit this issue via a malicious web page to execute arbitrary code in the context of the currently logged-in user. They could also use HT...

7.3AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2005/01/08 12:0 a.m.27 views

Mozilla XBM Image Vulnerability

Package: Mozilla Auth: http://www.mozilla.org Vulnerability Type: Remote Denial Of Service Affected Software: Mozilla ver. 1.6 for Windows maybe vulnerable also prior versions Not vulnerable: Mozilla for Linux What's Mozilla: -------------- Mozilla is a suite of internet applications. Users can...

0.3AI score
Exploits0
NVD
NVD
added 2004/12/31 5:0 a.m.14 views

CVE-2004-2301

Eudora before 6.1.1 allows remote attackers to cause a denial of service crash via an e-mail with a long "To:" field, possibly due to a buffer overflow...

5CVSS7AI score0.01767EPSS
Exploits0References3
securityvulns
securityvulns
added 2004/06/29 12:0 a.m.33 views

[Full-Disclosure] DoS in popclient 3.0b6

DoS in popclient 3.0b6 ---------------------- Release Date: 29th June 2004 Discovery: Dean White [email protected] Research: John Cartwright [email protected] Overview -------- "popclient is a Post Office Protocol compliant mail retrieval client which supports both POP2 as specified in RFC 9...

Exploits0
NVD
NVD
added 2003/11/17 5:0 a.m.12 views

CVE-2003-0792

Fetchmail 6.2.4 and earlier does not properly allocate memory for long lines, which allows remote attackers to cause a denial of service crash via a certain email...

5CVSS6.4AI score0.01943EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2003/09/12 4:0 a.m.26 views

CVE-2003-0721

Integer signedness error in rfc2231getparam from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number...

7.5CVSS7.3AI score0.03859EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2003/09/12 12:0 a.m.3 views

PT-2003-1817 · Washington University · Pine

Name of the Vulnerable Software and Affected Versions: PINE versions prior to 4.58 Description: The issue is related to an integer signedness error in the rfc2231 get param function from strings.c. This error allows remote attackers to execute arbitrary code via an email that causes an...

7.5CVSS7.3AI score0.03859EPSS
Exploits1References9
exploitpack
exploitpack
added 2003/08/23 12:0 a.m.12 views

Microsoft Internet Explorer 6 - ADODB.Stream Object File Installation

Microsoft Internet Explorer 6 - ADODB.Stream Object File Installation source: https://www.securityfocus.com/bid/10514/info Microsoft Internet Explorer is prone to a security weakness that may permit malicious HTML documents to create or overwrite files on a victim file system when interpreted fro...

7.4AI score
Exploits0
NVD
NVD
added 2002/12/31 5:0 a.m.18 views

CVE-2002-1765

Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service memory consumption and crash via an email with a malformed MIME header...

5CVSS6.7AI score0.01634EPSS
Exploits0References5
NVD
NVD
added 2002/06/25 4:0 a.m.18 views

CVE-2002-0342

Kmail 1.2 on KDE 2.1.1 allows remote attackers to cause a denial of service crash via an email message whose body is approximately 55 K long...

5CVSS6.7AI score0.01741EPSS
Exploits1References3
NVD
NVD
added 2000/10/20 4:0 a.m.16 views

CVE-2000-0738

WebShield SMTP 4.5 allows remote attackers to cause a denial of service by sending e-mail with a From: address that has a . period at the end, which causes WebShield to continuously send itself copies of the e-mail...

5CVSS6.6AI score0.01741EPSS
Exploits1References3
Exploit DB
Exploit DB
added 2000/07/18 12:0 a.m.22 views

Microsoft Outlook 97/98/2000 / Outlook Express 4.0/5.0 - GMT Field Buffer Overflow (1)

source: https://www.securityfocus.com/bid/1481/info All versions of Microsoft Outlook and Outlook Express are vulnerable to buffer overflow attacks where a remote user is capable of executing arbitrary code on an email recipient's system. The problem lies in how Outlook and Outlook Express handle...

7.4AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.9 views

Security Update for Windows 2000 (819696)

An identified security issue in Microsoft® DirectX® could allow an attacker to run programs on a computer running Microsoft® Windows® 2000. The attacker would first have to send you an e-mail message or entice you into visiting a malicious Web site. You can help protect your computer by installin...

4AI score
Exploits0
Rows per page
Query Builder