CVE Vulnerabilities

CVE-2004-1007

Published: Mar 01, 2005 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows remote attackers to cause a denial of service (application crash) via mail headers that cause a line feed (LF) to be replaced by a null byte that is written to an incorrect memory address.

Affected Software

Name Vendor Start Version End Version
Email_filter Bogofilter 0.9.0.3 (including) 0.9.0.3 (including)
Email_filter Bogofilter 0.9.0.4 (including) 0.9.0.4 (including)
Email_filter Bogofilter 0.9.0.5 (including) 0.9.0.5 (including)
Email_filter Bogofilter 0.92 (including) 0.92 (including)
Email_filter Bogofilter 0.92.4 (including) 0.92.4 (including)
Email_filter Bogofilter 0.92.6 (including) 0.92.6 (including)
Email_filter Bogofilter 0.92.7 (including) 0.92.7 (including)
Ubuntu_linux Ubuntu 4.1 (including) 4.1 (including)
Bogofilter Ubuntu dapper *
Bogofilter Ubuntu devel *
Bogofilter Ubuntu edgy *
Bogofilter Ubuntu feisty *

References