Lucene search
K

231 matches found

OSV
OSV
added 2017/11/16 3:29 p.m.8 views

AZL-7332 CVE-2017-16844 affecting package procmail for versions less than 3.22-53

Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than...

9.8CVSS7.9AI score0.12524EPSS
Exploits0References1
OSV
OSV
added 2017/11/16 3:29 p.m.8 views

AZL-6803 CVE-2017-16844 affecting package procmail for versions less than 3.22-53

Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than...

9.8CVSS7.9AI score0.12524EPSS
Exploits0References1
OSV
OSV
added 2017/11/16 3:29 p.m.1 views

DEBIAN-CVE-2017-16844

Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than...

9.8CVSS8.1AI score0.12524EPSS
Exploits0References1
CVE
CVE
added 2017/11/16 3:0 p.m.182 views

CVE-2017-16844

CVE-2017-16844 affects procmail: a heap-based buffer overflow in the loadbuf function of formisc.c (formail) caused by a hardcoded realloc size can allow a remote attacker to crash or potentially execute code as the user running formail. Affected versions are procmail

10CVSS9.8AI score0.12524EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2017/11/16 12:0 a.m.3 views

UBUNTU-CVE-2017-16844

Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than...

9.8CVSS7.7AI score0.12524EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2017/11/16 12:0 a.m.25 views

procmail -- Heap-based buffer overflow

MITRE reports: A remote attacker could use a flaw to cause formail to crash, resulting in a denial of service or data loss...

10CVSS8.8AI score0.12524EPSS
Exploits0References2
OSV
OSV
added 2017/10/30 7:23 p.m.4 views

MGASA-2017-0392 Updated procmail packages fix security vulnerability

A flaw was found in the loadbuf function in formisc.c. When the buffer is too small, the function tries to resize it, but only by Bsize =128 bytes. This is not necessarily enough and could cause denial of service...

6.8AI score
Exploits0References4
Mageia
Mageia
added 2017/10/30 7:23 p.m.15 views

Updated procmail packages fix security vulnerability

A flaw was found in the loadbuf function in formisc.c. When the buffer is too small, the function tries to resize it, but only by Bsize =128 bytes. This is not necessarily enough and could cause denial of service...

2.5AI score
Exploits0References3
OpenVAS
OpenVAS
added 2017/10/27 12:0 a.m.12 views

Fedora Update for procmail FEDORA-2017-52f233a4f5

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
OpenVAS
OpenVAS
added 2017/10/27 12:0 a.m.16 views

Fedora Update for procmail FEDORA-2017-36eb36ea71

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/10/26 12:0 a.m.14 views

Fedora 26 : procmail (2017-36eb36ea71)

This is security update fixing possible buffer overflow in loadbuf function. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

5.8AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/10/26 12:0 a.m.11 views

Fedora 25 : procmail (2017-52f233a4f5)

This is security update fixing possible buffer overflow in loadbuf function. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

5.8AI score
Exploits0References1
Fedora
Fedora
added 2017/10/25 11:17 p.m.16 views

[SECURITY] Fedora 26 Update: procmail-3.22-44.fc26

Procmail can be used to create mail-servers, mailing lists, sort your incoming mail into separate folders/files real convenient when subscribing to one or more mailing lists or for prioritising your mail, preprocess your mail, start any programs upon mail arrival e.g. to generate different chimes...

1.6AI score
Exploits0
Fedora
Fedora
added 2017/10/25 9:23 p.m.14 views

[SECURITY] Fedora 25 Update: procmail-3.22-44.fc25

Procmail can be used to create mail-servers, mailing lists, sort your incoming mail into separate folders/files real convenient when subscribing to one or more mailing lists or for prioritising your mail, preprocess your mail, start any programs upon mail arrival e.g. to generate different chimes...

1.6AI score
Exploits0
Fedora
Fedora
added 2017/10/17 12:19 a.m.11 views

[SECURITY] Fedora 27 Update: procmail-3.22-44.fc27

Procmail can be used to create mail-servers, mailing lists, sort your incoming mail into separate folders/files real convenient when subscribing to one or more mailing lists or for prioritising your mail, preprocess your mail, start any programs upon mail arrival e.g. to generate different chimes...

1.6AI score
Exploits0
OSV
OSV
added 2017/04/26 2:59 p.m.3 views

UBUNTU-CVE-2017-8284

The disasinsn function in target/i386/translate.c in QEMU before 2.9.0, when TCG mode without hardware acceleration is used, does not limit the instruction size, which allows local users to gain privileges by creating a modified basic block that injects code into a setuid program, as demonstrated...

7CVSS7.1AI score0.00438EPSS
Exploits0References2
OSV
OSV
added 2017/04/26 2:59 p.m.1 views

DEBIAN-CVE-2017-8284

The disasinsn function in target/i386/translate.c in QEMU before 2.9.0, when TCG mode without hardware acceleration is used, does not limit the instruction size, which allows local users to gain privileges by creating a modified basic block that injects code into a setuid program, as demonstrated...

7CVSS7.2AI score0.00438EPSS
Exploits0References1
seebug.org
seebug.org
added 2017/03/28 12:0 a.m.28 views

QEMU: user-to-root privesc inside VM via bad translation caching

This is a security issue in the QEMU's system emulation for X86. The issue permits an attacker who can execute code in the guest ring 3 with normal user privileges to inject code into other processes that are running in guest ring 3, in particular root-owned processes. == reproduction steps ==...

7AI score
Exploits0
Fedora
Fedora
added 2015/11/04 10:52 p.m.12 views

[SECURITY] Fedora 21 Update: php-horde-ingo-3.2.7-1.fc21

Ingo is an email-filter management application. It is fully internationalized, integrated with Horde and the IMP Webmail client, and supports both server-side Sieve, Procmail, Maildrop and client-side IMAP message filtering...

1.4AI score
Exploits0
Fedora
Fedora
added 2015/11/04 10:27 p.m.16 views

[SECURITY] Fedora 22 Update: php-horde-ingo-3.2.7-1.fc22

Ingo is an email-filter management application. It is fully internationalized, integrated with Horde and the IMP Webmail client, and supports both server-side Sieve, Procmail, Maildrop and client-side IMAP message filtering...

1.4AI score
Exploits0
Rows per page
Query Builder