15 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-8614
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple stack-based buffer overflows in the 1 convjistoeuc, 2 conveuctojis, and 3 convsjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remot...
Debian: Security Advisory (DLA-383-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-8614
Claws Mail (GTK-based email client) is affected by a stack-based buffer overflow in codeconv.c (conv_jistoeuc, conv_euctojis, conv_sjistoeuc) that can be triggered by a crafted email containing Japanese character set conversions. Affects versions before 3.13.1; CVE-2015-8708 notes this is an inco...
Fedora 22 : claws-mail-3.13.1-4.fc22 (2015-3a073171c3)
Update from 3.12.0 to 3.13.1 for bug-fixes. Includes security fix for CVE-2015-8614. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora 23 : claws-mail-3.13.1-4.fc23 (2015-aa14be8d92)
Update from 3.12.0 to 3.13.1 for bug-fixes. Includes security fix for CVE-2015-8614. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
openSUSE Security Update : claws-mail (openSUSE-2016-219)
This update for claws-mail fixes the following issues : - CVE-2015-8614: additional fixes for buffer overrun issues which allowed remote attackers to cause a crash or have unspecified further impact boo959993 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
openSUSE Security Update : claws-mail (openSUSE-2016-214)
This update for claws-mail fixes the following issues : - CVE-2015-8614: additional fixes for buffer overrun issues which allowed remote attackers to cause a crash or have unspecified further impact boo959993 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
[SECURITY] [DSA 3452-1] claws-mail security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3452-1 [email protected] https://www.debian.org/security/ Ben Hutchings January 23, 2016 https://www.debian.org/security/faq -...
FreeBSD : claws-mail -- no bounds checking on the output buffer in conv_jistoeuc, conv_euctojis, conv_sjistoeuc (51358314-bec8-11e5-82cd-bcaec524bf84)
DrWhax reports : So in codeconv.c there is a function for Japanese character set conversion called convjistoeuc. There is no bounds checking on the output buffer, which is created on the stack with alloca Bug can be triggered by sending an email to [email protected] or whatever. Since my C is...
Mageia: Security Advisory (MGASA-2016-0008)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-383-1 : claws-mail security update
'DrWhax' of the Tails project reported that Claws Mail is missing range checks in some text conversion functions. A remote attacker could exploit this to run arbitrary code under the account of a user that receives a message from them using Claws Mail. CVE-2015-8614 There were no checks on the...
[SECURITY] [DLA 383-1] claws-mail security update
Package : claws-mail Version : 3.7.6-4+squeeze2 CVE ID : CVE-2015-8614 CVE-2015-8708 "DrWhax" of the Tails project reported that Claws Mail is missing range checks in some text conversion functions. A remote attacker could exploit this to run arbitrary code under the account...
Updated claws-mail packages fix security vulnerability
no bounds checking on the output buffer in convjistoeuc, conveuctojis, convsjistoeuc A Tails contributor found a vulnerability in claws-mail where in codeconv.c a function for japanese character set conversion called convjistoeuc has no bounds checking on the output buffer which is created on the...
DLA-383-1 claws-mail - security update
Bulletin has no description...
openSUSE Security Update : claws-mail (openSUSE-2016-1)
This update for claws-mail fixes the following security issue : - CVE-2015-8614: buffer overrun issues in Japanese character set conversion code could allow an adversary to remotely crash claws and potentially have further unspecified impact boo959993 %NASLMINLEVEL 70300 C Tenable Network Securit...