Vulnerability in N/a
CVE-2005-2878
Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command.
EPSS: 0.571 (98.2th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- savannah.gnu.org/patch/index.php (x_refsource_CONFIRM)
- 17020 (x_refsource_SECUNIA, third-party-advisory)
- GLSA-200509-10 (vendor-advisory, x_refsource_GENTOO)
- 16783 (x_refsource_SECUNIA, third-party-advisory)
- 20050909 GNU Mailutils 0.6 imap4d 'search' Format String Vulnerability (x_refsource_IDEFENSE, third-party-advisory)
- www.rosiello.org/archivio/imap4d_FreeBSD_exploit.c (x_refsource_MISC)
- DSA-841 (vendor-advisory, x_refsource_DEBIAN)
- 20050926 FreeBSD GNU Mailutils 0.6 imap4d exploit (mailing-list, x_refsource_BUGTRAQ)
- 14794 (vdb-entry, x_refsource_BID)