CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
EPSS
Percentile
85.2%
Fetchmail developer Matthias Andree reported a vulnerability
that allows remote attackers to crash the application
when it is runs in verbose mode.
Fetchmail before release 6.3.17 did not properly
sanitize external input (mail headers and UID). When a
multi-character locale (such as UTF-8) was in use, this
could cause memory exhaustion and thus a denial of
service.