SUSE CVE-2024-34020

A stack-based buffer overflow was found in the putSDN function of mail.c in hcode through 2.1...

CVE-2024-34020

A stack-based buffer overflow was found in the putSDN function of mail.c in hcode through 2.1...

hcode -- buffer overflow in mail.c

The openSUSE project reports: The problematic function in question is putSDN in mail.c. The static variable cp is used as an index for a fixed-sized buffer ibuf. There is a range check: if cp = HDRBUFLEN ... but under certain circumstances, cp can be incremented beyond the buffer size, leading to...

CVE-2024-34020

A stack-based buffer overflow was found in the putSDN function of mail.c in hcode through 2.1...

CVE-2024-34020

CVE-2024-34020 is a stack-based buffer overflow in hcode’s mail.c putSDN() function, affecting hcode up to version 2.1. The root cause is a boundary mishandling of a static index (cp) into a fixed buffer (ibuf) beyond HDR_BUF_LEN, enabling a potential memory overwrite. OpenSUSE notes fixes in hco...

PT-2024-25647 · Hcode · Hcode

Name of the Vulnerable Software and Affected Versions: hcode versions 2.1 and earlier Description: A stack-based buffer overflow was found in the putSDN function of mail.c. Recommendations: For hcode versions 2.1 and earlier, at the moment, there is no information about a newer version that...