18 matches found
SMTP Injection
Jakarta Mail is vulnerable to SMTP injection. The vulnerability is due to improper input validation of SMTP message fields of raw carriage return and line feed \r and \n UTF-8 characters in headers and parameters, An attackers can exploit this to inject additional SMTP commands or split messages ...
EUVD-2015-2869
Malware in sbrugna...
EUVD-2017-7146
Malware in sbrugna...
SUSE CVE-2015-2779
Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service uncontrolled recursion via a crafted massage...
DEBIAN-CVE-2017-15723
In Irssi before 1.0.5, overlong nicks or targets may result in a NULL pointer dereference while splitting the message...
ALPINE-CVE-2017-15723
In Irssi before 1.0.5, overlong nicks or targets may result in a NULL pointer dereference while splitting the message...
UBUNTU-CVE-2017-15723
In Irssi before 1.0.5, overlong nicks or targets may result in a NULL pointer dereference while splitting the message...
[SECURITY] Fedora 26 Update: mimedefang-2.81-1.fc26
MIMEDefang is an e-mail filter program which works with Sendmail 8.12 and later. It filters all e-mail messages sent via SMTP. MIMEDefang splits multi-part MIME messages into their components and potentially deletes or modifies the various parts. It then reassembles the parts back into an e-mail...
headers containing newline characters can split messages
Serializing of headers to the socket did not filter the values for newline bytes \r or \n, which allowed for header values to split a request or response. People would not likely include newlines in the headers in their own applications, so the way for most people to exploit this is if an...
Quassel Denial of Service Vulnerability
Quassel aka Quassel IRC is a cross-platform distributed IRC chat client developed by the Quassel IRC team , which is developed using the QT application framework , PostgreSQL database to store data . A denial of service vulnerability exists in the message splitting feature of Quassel versions pri...
DEBIAN-CVE-2015-2779
Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service uncontrolled recursion via a crafted massage...
CVE-2015-2779
Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service uncontrolled recursion via a crafted massage...
UBUNTU-CVE-2015-2779
Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service uncontrolled recursion via a crafted massage...
CVE-2015-2779
Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service uncontrolled recursion via a crafted massage...
Stack overflow
Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service uncontrolled recursion via a crafted massage...
CVE-2015-2778
Quassel before 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote attackers to cause a denial of service crash via a long CTCP query containing only multibyte characters...
CVE-2015-2779
Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service uncontrolled recursion via a crafted massage...
CVE-2015-2779
Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service uncontrolled recursion via a crafted massage...