What is CVE-2002-1337?

CVE-2002-1337 is a vulnerability in N/a. Published 2004-09-01.

Is CVE-2002-1337 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2002-1337

Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.

EPSS: 0.722 (99.4th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

RHSA-2003:073 (x_refsource_REDHAT, vendor-advisory)
IY40501 (vendor-advisory, x_refsource_AIXAPAR)
20030303 Fwd: APPLE-SA-2003-03-03 sendmail (mailing-list, x_refsource_BUGTRAQ)
RHSA-2003:227 (x_refsource_REDHAT, vendor-advisory)
6991 (vdb-entry, x_refsource_BID)
VU#398025 (x_refsource_CERT-VN, third-party-advisory)
www.sendmail.org/8.12.8.html (x_refsource_CONFIRM)
DSA-257 (vendor-advisory, x_refsource_DEBIAN)
20030304 [LSD] Technical analysis of the remote sendmail vulnerability (mailing-list, x_refsource_BUGTRAQ)
oval:org.mitre.oval:def:2222 (signature, x_refsource_OVAL, vdb-entry)

Frequently asked questions

What is CVE-2002-1337?: CVE-2002-1337 is a vulnerability in N/a. Published 2004-09-01.
Is CVE-2002-1337 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.