CVE-2005-4300

Name of the Vulnerable Software and Affected Versions libremail versions 1.1.0 and earlier

Description The issue is related to a format string vulnerability in the lire pop function, located in the pop.c file of the libremail library. This vulnerability can be exploited by remote attackers to execute arbitrary code, potentially through a crafted e-mail or a malicious POP server response. The vulnerability is specifically noted in versions compiled with the debug option.

Recommendations For libremail versions 1.1.0 and earlier, consider disabling the lire pop function as a temporary workaround until a patch is available. Restrict access to the pop.c module to minimize the risk of exploitation. Avoid using the libremail library with the debug option enabled until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.