12 matches found
MiracleLinux 7 : procmail-3.22-36.el7.1 (AXSA:2017-2423:02)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2017-2423:02 advisory. A heap-based buffer overflow flaw was found in procmail's formail utility. A remote attacker could send a specially crafted email that, when processed by...
SUSE CVE-2017-16844
Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than...
Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size a different vulnerability than CVE-2014-3618.
...
procmail: Heap-based buffer overflow in loadbuf function in formisc.c
A heap-based buffer overflow flaw was found in procmail's formail utility. A remote attacker could send a specially crafted email that, when processed by formail, could cause formail to crash or, possibly, execute arbitrary code as the user running formail...
procmail security update
3.22-36.1 - Fixed possible buffer overflow in loadbuf function Resolves: CVE-2017-16844...
procmail Heap Buffer Overflow Vulnerability
procmail is a set of mail management tools. The tool supports filtering and sorting messages, creating mail servers, mailing lists, and more. A heap buffer overflow vulnerability exists in the 'loadbuf' function in the formisc.c file of formail in procmail version 3.22. A remote attacker can...
AZL-6803 CVE-2017-16844 affecting package procmail for versions less than 3.22-53
Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than...
DEBIAN-CVE-2017-16844
Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than...
AZL-7332 CVE-2017-16844 affecting package procmail for versions less than 3.22-53
Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than...
AZL-36982 CVE-2017-16844 affecting package procmail for versions less than 3.22-53
Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than...
Updated procmail packages fix security vulnerability
A flaw was found in the loadbuf function in formisc.c. When the buffer is too small, the function tries to resize it, but only by Bsize =128 bytes. This is not necessarily enough and could cause denial of service...
MGASA-2017-0392 Updated procmail packages fix security vulnerability
A flaw was found in the loadbuf function in formisc.c. When the buffer is too small, the function tries to resize it, but only by Bsize =128 bytes. This is not necessarily enough and could cause denial of service...