PT-2001-2147 · Pop3Lite · Pop3Lite

Published

2001-09-02

Updated

2017-12-19

CVE-2001-0996

CVSS v2.0

6.4

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions POP3Lite versions prior to 0.2.4

Description The issue allows a remote attacker to append arbitrary text to the end of an email message by not properly quoting a . (dot) in the message. This could cause mail clients to interpret the appended text as valid POP server responses or other input, potentially leading to crashes or unexpected behavior.

Recommendations For versions prior to 0.2.4, update to version 0.2.4 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-0996

Affected Products

Pop3Lite

PT-2001-2147 · Pop3Lite · Pop3Lite

CVE-2001-0996

Related Identifiers

Affected Products

References · 4