CVE 2007-2958
Format string vulnerability in the inc_put_error function in src/inc.c in Sylpheed 2.4.4, and Sylpheed-Claws (Claws Mail) 1.9.100 and 2.10.0, allows remote POP3 servers to execute arbitrary code via format string specifiers in crafted replies.
Related bugs and status
CVE-2007-2958 (Candidate) is related to these bugs:
Bug #136302: Sylpheed POP3 Format String Vulnerability
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
136302 | Sylpheed POP3 Format String Vulnerability | sylpheed (Ubuntu) | Medium | Invalid | ||
136302 | Sylpheed POP3 Format String Vulnerability | claws-mail (Ubuntu) | Medium | Fix Released | ||
136302 | Sylpheed POP3 Format String Vulnerability | sylpheed-claws-gtk2 (Ubuntu) | Medium | Invalid | ||
136302 | Sylpheed POP3 Format String Vulnerability | sylpheed-claws (Ubuntu) | Medium | Invalid | ||
136302 | Sylpheed POP3 Format String Vulnerability | claws-mail (Ubuntu Dapper) | Undecided | Invalid | ||
136302 | Sylpheed POP3 Format String Vulnerability | sylpheed (Ubuntu Dapper) | Undecided | Fix Released | ||
136302 | Sylpheed POP3 Format String Vulnerability | sylpheed-claws (Ubuntu Dapper) | Undecided | Fix Released | ||
136302 | Sylpheed POP3 Format String Vulnerability | sylpheed-claws-gtk2 (Ubuntu Dapper) | Undecided | Fix Released | ||
136302 | Sylpheed POP3 Format String Vulnerability | claws-mail (Ubuntu Feisty) | Undecided | Invalid | ||
136302 | Sylpheed POP3 Format String Vulnerability | sylpheed (Ubuntu Feisty) | Undecided | Fix Released | ||
136302 | Sylpheed POP3 Format String Vulnerability | sylpheed-claws (Ubuntu Feisty) | Undecided | Fix Released | ||
136302 | Sylpheed POP3 Format String Vulnerability | sylpheed-claws-gtk2 (Ubuntu Feisty) | Undecided | Fix Released | ||
136302 | Sylpheed POP3 Format String Vulnerability | claws-mail (Ubuntu Edgy) | Undecided | Invalid | ||
136302 | Sylpheed POP3 Format String Vulnerability | sylpheed (Ubuntu Edgy) | Undecided | Fix Released | ||
136302 | Sylpheed POP3 Format String Vulnerability | sylpheed-claws (Ubuntu Edgy) | Undecided | Fix Released | ||
136302 | Sylpheed POP3 Format String Vulnerability | sylpheed-claws-gtk2 (Ubuntu Edgy) | Undecided | Fix Released | ||
136302 | Sylpheed POP3 Format String Vulnerability | claws-mail (Ubuntu Gutsy) | Medium | Fix Released | ||
136302 | Sylpheed POP3 Format String Vulnerability | sylpheed (Ubuntu Gutsy) | Medium | Invalid | ||
136302 | Sylpheed POP3 Format String Vulnerability | sylpheed-claws (Ubuntu Gutsy) | Medium | Invalid | ||
136302 | Sylpheed POP3 Format String Vulnerability | sylpheed-claws-gtk2 (Ubuntu Gutsy) | Medium | Invalid |
See the
CVE page on Mitre.org
for more details.