Novell Home

CVE-2007-2958

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2007-2958 at MITRE

Description

Format string vulnerability in the inc_put_error function in src/inc.c in Sylpheed 2.4.4, and Sylpheed-Claws (Claws Mail) 1.9.100 and 2.10.0, allows remote POP3 servers to execute arbitrary code via format string specifiers in crafted replies.

NVD CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

Novell/SUSE information

Novell Bugzilla entry: 303724

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE LINUX 10.0
  • sylpheed-claws >= 1.0.3-5.5
SUSE LINUX 10.1
  • sylpheed-claws >= 1.0.3-26.4

© 2014 Novell