SUSE CVE-2007-2958

Format string vulnerability in the incputerror function in src/inc.c in Sylpheed 2.4.4, and Sylpheed-Claws Claws Mail 1.9.100 and 2.10.0, allows remote POP3 servers to execute arbitrary code via format string specifiers in crafted replies...

openSUSE 10 Security Update : sylpheed-claws (sylpheed-claws-4511)

This update fixes a format string bug in the incputerror function. This bug is triggered when error messages from the POP3 server are displayed and can be exploited remotely to execute arbitrary code. CVE-2007-2958 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

Sylpheed和Sylpheed-Claws POP3远程格式串处理漏洞

BUGTRAQ ID: 25430 CVECAN ID: CVE-2007-2958 Sylpheed和Sylpheed-Claws都是轻型的邮件客户端。 Sylpheed和Sylpheed-Claws在处理用户请求存在格式串处理漏洞，远程攻击者可能利用此漏洞控制客户端。 Sylpheed和Sylpheed-Claws邮件客户端的src/inc.c文件中的incputerror函数在显示POP3服务器的错误响应时存在格式串漏洞处理，如果用户受骗连接到了恶意的POP3服务器并接收到包含有格式标识符的回复的话，就可能触发这个漏洞，导致执行任意指令。 Sylpheed Sylpheed 2.4...

DEBIAN-CVE-2007-2958

Format string vulnerability in the incputerror function in src/inc.c in Sylpheed 2.4.4, and Sylpheed-Claws Claws Mail 1.9.100 and 2.10.0, allows remote POP3 servers to execute arbitrary code via format string specifiers in crafted replies...

CVE-2007-2958

CVE-2007-2958 affects Sylpheed 2.4.4 and Sylpheed-Claws (Claws Mail) 1.9.100 and 2.10.0. The vulnerability is a format string issue in inc_put_error (src/inc.c) that can be triggered by crafted POP3 replies from a remote server, allowing arbitrary code execution. Public references and OpenVAS ent...

claws-mail -- POP3 Format String Vulnerability

A Secunia Advisory reports: A format string error in the "incputerror" function in src/inc.c when displaying a POP3 server's error response can be exploited via specially crafted POP3 server replies containing format specifiers. Successful exploitation may allow execution of arbitrary code, but...