3 matches found
CVE-2020-13645
Technical details for CVE-2020-13645 are not provided in the Connected documents. The Initial Description notes a hostname verification issue in GNOME glib-networking (GTlsClientConnection), but there are no product/version specifics beyond the CP4S remediation, so monitor for updates.
CVE-2020-16118
CVE-2020-16118 affects GNOME Balsa prior to 2.6.0. A malicious server operator or MiTM can trigger a NULL pointer dereference in libbalsa/imap/imap-handle.c by sending a PREAUTH response to imap_mbox_connect, causing a client crash. Several connected sources confirm a fix was released in openSUSE...
CVE-2007-5007
CVE-2007-5007 concerns a stack-based buffer overflow in the ir_fetch_seq function of Balsa (GNOME mail client) prior to version 2.3.20. A long IMAP FETCH response could allow a remote attacker to execute arbitrary code on the affected host. Gentoo GLSA 200710-17 (and related advisories) specify t...