OAuth2 Proxy has an Authorization Bypass in Email Domain Validation via Malformed Multi-@ Email Claims

Impact An authorization bypass exists in OAuth2 Proxy as part of the emaildomain enforcement option. An attacker may be able to authenticate with an email claim such as [email protected]@company.com and satisfy an allowed domain check for company.com, even though the claim is not a valid email...

Weird Zimbra Vulnerability

Hackers can execute commands on a remote computer by sending malformed emails to a Zimbra mail server. It's critical, but difficult to exploit reliably. In an email sent Wednesday afternoon, Proofpoint researcher Greg Lesnewich seemed to largely concur that the attacks weren't likely to lead to...

CLSA-2024-1717693112 python3: Fix of 3 CVEs

Remove -b option, use original maintainer approach - Fix expat regression tests for xmletree - CVE-2022-48564: Improve validation of Plist files that prevent DoS - CVE-2023-40217: Fix TLS handshake bypass - CVE-2023-27043: reject malformed addresses in email.parseaddr...

USN-3393-1 clamav vulnerabilities

It was discovered that ClamAV incorrectly handled parsing certain e-mail messages. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. CVE-2017-6418 It was discovered that ClamAV incorrectly handled certain malformed CHM files. A remote...

ZDI-11-045: IBM Lotus Domino IMAP/POP3 Non-Printable Character Expansion Remote Code Execution Vulnerability

ZDI-11-045: IBM Lotus Domino IMAP/POP3 Non-Printable Character Expansion Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-045 February 7, 2011 - This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 180 day deadline. To vie...

CVE-2004-2147

Unknown versions of Symantec Norton AntiVirus and Microsoft Outlook allow attackers to cause a denial of service crash via malformed e-mail messages 1 without a body or 2 without a carriage return "\n" separating the headers from the body...

Gaucho 1.4 Mail Client Buffer Overflow Vulnerability

Exploit for unknown platform in category remote exploits ==================================================== Gaucho 1.4 Mail Client Buffer Overflow Vulnerability ==================================================== // // Gaucho Ver 1.4 Mail Client Buffer Overflow Vulnerability // Bind Shell POC...

Gaucho 1.4 - Mail Client Buffer Overflow

// // Gaucho Ver 1.4 Mail Client Buffer Overflow Vulnerability // Bind Shell POC Validation Code for English Win2K SP4 // 10 Aug 2004 // // Gaucho is an Email client developed by NakedSoft for Microsoft Windows // platforms. Gaucho supports SMTP, POP3 and other email delivery protocols. // Gaucho...

gaucho140poc.cpp.txt

// // Gaucho Ver 1.4 Mail Client Buffer Overflow Vulnerability // Bind Shell POC Validation Code for English Win2K SP4 // 10 Aug 2004 // // Gaucho is an Email client developed by NakedSoft for Microsoft Windows // platforms. Gaucho supports SMTP, POP3 and other email delivery protocols. // Gaucho...

Mozilla Firefox < 1.1 POP3 Client Malformed Email DoS

Binary data 1758.prm...