Novell Home

CVE-2010-2494

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2010-2494 at MITRE

Description

Multiple buffer underflows in the base64 decoder in base64.c in (1) bogofilter and (2) bogolexer in bogofilter before 1.2.2 allow remote attackers to cause a denial of service (heap memory corruption and application crash) via an e-mail message with invalid base64 data that begins with an = (equals) character.

NVD CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Novell/SUSE information

Novell Bugzilla entry: 619847

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 11 SP1
  • bogofilter >= 1.1.1-174.20.1
sled11-sp1.x86-64
sled11-sp1.x86
SAT Patch Nr: 2666
SUSE Linux Enterprise Desktop 11 GA
  • bogofilter >= 1.1.1-174.20.1
sled11.x86-64
sled11.x86
SAT Patch Nr: 2665
openSUSE 11.1
  • bogofilter-debuginfo >= 1.1.1-174.18.1
  • bogofilter-debugsource >= 1.1.1-174.18.1
openSUSE 11.1
  • bogofilter >= 1.1.1-174.18.1
openSUSE 11.2
  • bogofilter-debuginfo >= 1.2.0-2.5.1
  • bogofilter-debugsource >= 1.2.0-2.5.1
openSUSE 11.2
  • bogofilter >= 1.2.0-2.5.1

© 2014 Novell