Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, 0.94.12, and other versions from 0.93.5 to 0.96.2, when using Unicode databases, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via "invalid input sequences" that lead to heap corruption when bogofilter or bogolexer converts character sets.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:04
Type | Values Removed | Values Added |
---|---|---|
References | () http://bogofilter.sourceforge.net/security/bogofilter-SA-2005-01 - Patch, Vendor Advisory | |
References | () http://lists.suse.com/archive/suse-security-announce/2006-Feb/0001.html - | |
References | () http://secunia.com/advisories/18352 - Patch, Vendor Advisory | |
References | () http://secunia.com/advisories/18427 - | |
References | () http://secunia.com/advisories/18717 - | |
References | () http://www.securityfocus.com/bid/16171 - Patch | |
References | () http://www.vupen.com/english/advisories/2006/0100 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/24118 - | |
References | () https://usn.ubuntu.com/240-1/ - |
Information
Published : 2005-12-31 05:00
Updated : 2024-11-21 00:04
NVD link : CVE-2005-4591
Mitre link : CVE-2005-4591
CVE.ORG link : CVE-2005-4591
JSON object : View
Products Affected
bogofilter
- email_filter
CWE