Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2003-0143
Description:The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer overflow in a mdef command with a long macro name.
Test IDs: 1.3.6.1.4.1.25623.1.0.11376   1.3.6.1.4.1.25623.1.0.54108  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2003-0143
BugTraq ID: 7058
http://www.securityfocus.com/bid/7058
Bugtraq: 20030310 QPopper 4.0.x buffer overflow vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=104739841223916&w=2
Bugtraq: 20030312 Re: QPopper 4.0.x buffer overflow vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=104748775900481&w=2
Bugtraq: 20030314 [OpenPKG-SA-2003.018] OpenPKG Security Advisory (qpopper) (Google Search)
http://marc.info/?l=bugtraq&m=104768137314397&w=2
Debian Security Information: DSA-259 (Google Search)
http://www.debian.org/security/2003/dsa-259
http://marc.info/?l=bugtraq&m=104792541215354&w=2
SuSE Security Announcement: SuSE-SA:2003:018 (Google Search)
http://www.novell.com/linux/security/advisories/2003_018_qpopper.html
XForce ISS Database: qpopper-popmsg-macroname-bo(11516)
https://exchange.xforce.ibmcloud.com/vulnerabilities/11516




© 1998-2024 E-Soft Inc. All rights reserved.