CVE-2003-0143 | Vulnerability Database | Aqua Security

The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer overflow in a mdef command with a long macro name.

Affected Software

Name	Vendor	Start Version	End Version
Qpopper	Qualcomm	4.0.1 (including)	4.0.1 (including)
Qpopper	Qualcomm	4.0.2 (including)	4.0.2 (including)
Qpopper	Qualcomm	4.0.3 (including)	4.0.3 (including)
Qpopper	Qualcomm	4.0.4 (including)	4.0.4 (including)

References

http://marc.info/?l=bugtraq\u0026m=104739841223916\u0026w=2
http://marc.info/?l=bugtraq\u0026m=104748775900481\u0026w=2
http://marc.info/?l=bugtraq\u0026m=104768137314397\u0026w=2
http://marc.info/?l=bugtraq\u0026m=104792541215354\u0026w=2
http://www.debian.org/security/2003/dsa-259
http://www.novell.com/linux/security/advisories/2003_018_qpopper.html
http://www.securityfocus.com/bid/7058
https://exchange.xforce.ibmcloud.com/vulnerabilities/11516

NVD	https://nvd.nist.gov/vuln/detail/CVE-2003-0143
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html