6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.026 Low
EPSS
Percentile
90.3%
A Secunia Advisory reports:
A format string error in the โinc_put_error()โ function in
src/inc.c when displaying a POP3 serverโs error response can
be exploited via specially crafted POP3 server replies containing
format specifiers.
Successful exploitation may allow execution of arbitrary code,
but requires that the user is tricked into connecting to a malicious
POP3 server.