PT-2012-5984 · Bogofilter+1 · Bogofilter+1

Jan Lieskovsky

·

Publicado

2012-12-17

·

Atualizado

2017-08-29

·

CVE-2012-5468

CVSS v2.0

7.5

Alta

VetorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions Bogofilter versions prior to 1.2.3
Description The issue is related to a heap-based buffer overflow in the iconvert.c file within the bogolexer component. This can be triggered by an email containing a base64 string that decodes to incomplete multibyte characters, potentially allowing remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.
Recommendations For versions prior to 1.2.3, update to version 1.2.3 or later to resolve the issue.

Exploit

Correção

DoS

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2012-5468
DSA-2585-1
OPENSUSE-SU-2024:10502-1
SUSE-SU-2012_1652-1

Produtos afetados

Bogofilter
Suse