Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2010-0562
HistoryFeb 08, 2010 - 9:30 p.m.

CVE-2010-0562

2010-02-0821:30:00
CWE-119
[email protected]
web.nvd.nist.gov
7

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

8.2

Confidence

High

EPSS

0.094

Percentile

94.8%

JSON

The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, when running in verbose mode on platforms for which char is signed, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an SSL X.509 certificate containing non-printable characters with the high bit set, which triggers a heap-based buffer overflow during escaping.

Affected configurations

Nvd
Node
fetchmailfetchmailMatch6.3.11
OR
fetchmailfetchmailMatch6.3.12
OR
fetchmailfetchmailMatch6.3.13
VendorProductVersionCPE
fetchmailfetchmail6.3.11cpe:2.3:a:fetchmail:fetchmail:6.3.11:*:*:*:*:*:*:*
fetchmailfetchmail6.3.12cpe:2.3:a:fetchmail:fetchmail:6.3.12:*:*:*:*:*:*:*
fetchmailfetchmail6.3.13cpe:2.3:a:fetchmail:fetchmail:6.3.13:*:*:*:*:*:*:*

Related

altlinux 2
openvas 8
securityvulns 2
cvelist 1
ubuntucve 1
debiancve 1
cve 1
nessus 5
fedora 1
prion 1
freebsd 1
gentoo 1
altlinux
altlinux
Security fix for the ALT Linux 6 package fetchmail version 6.3.14-alt1
2010-03-27 00:00:00
Security fix for the ALT Linux 5 package fetchmail version 6.3.14-alt1
2010-03-27 00:00:00
openvas
openvas
FreeBSD Ports: fetchmail
2010-02-18 00:00:00
Fedora Update for fetchmail FEDORA-2010-3800
2010-03-12 00:00:00
Mandriva Update for fetchmail MDVSA-2010:037 (fetchmail)
2010-02-19 00:00:00
securityvulns
securityvulns
[ MDVSA-2010:037 ] fetchmail
2010-02-16 00:00:00
fetchmail buffer overflow
2010-02-16 00:00:00
cvelist
cvelist
CVE-2010-0562
2010-02-08 21:00:00
ubuntucve
ubuntucve
CVE-2010-0562
2010-02-08 00:00:00
debiancve
debiancve
CVE-2010-0562
2010-02-08 21:30:00
cve
cve
CVE-2010-0562
2010-02-08 21:30:00
nessus
nessus
Mandriva Linux Security Advisory : fetchmail (MDVSA-2010:037)
2010-07-30 00:00:00
openSUSE Security Update : fetchmail (fetchmail-1996)
2010-02-19 00:00:00
FreeBSD : fetchmail -- heap overflow on verbose X.509 display (2a6a966f-1774-11df-b5c1-0026189baca3)
2010-02-15 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: fetchmail-6.3.11-4.fc12
2010-03-06 03:52:56
prion
prion
Heap overflow
2010-02-08 21:30:00
freebsd
freebsd
fetchmail -- heap overflow on verbose X.509 display
2010-02-04 00:00:00
gentoo
gentoo
Fetchmail: Multiple vulnerabilities
2010-06-01 00:00:00

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

8.2

Confidence

High

EPSS

0.094

Percentile

94.8%

JSON
Related for NVD:CVE-2010-0562
altlinux2openvas8securityvulns2cvelist1ubuntucve1debiancve1cve1nessus5fedora1prion1freebsd1gentoo1