Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2007-2958

Summary
Assigner-flexera
Assigner Org ID-44d08088-2bea-4760-83a6-1e9be26b15ab
Published At-27 Aug, 2007 | 17:00
Updated At-07 Aug, 2024 | 13:57
Rejected At-
Credits

Format string vulnerability in the inc_put_error function in src/inc.c in Sylpheed 2.4.4, and Sylpheed-Claws (Claws Mail) 1.9.100 and 2.10.0, allows remote POP3 servers to execute arbitrary code via format string specifiers in crafted replies.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:flexera
Assigner Org ID:44d08088-2bea-4760-83a6-1e9be26b15ab
Published At:27 Aug, 2007 | 17:00
Updated At:07 Aug, 2024 | 13:57
Rejected At:
▼CVE Numbering Authority (CNA)

Format string vulnerability in the inc_put_error function in src/inc.c in Sylpheed 2.4.4, and Sylpheed-Claws (Claws Mail) 1.9.100 and 2.10.0, allows remote POP3 servers to execute arbitrary code via format string specifiers in crafted replies.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/26550
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/2971
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/26610
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/secunia_research/2007-70/advisory/
x_refsource_MISC
http://osvdb.org/40184
vdb-entry
x_refsource_OSVDB
https://bugzilla.redhat.com/show_bug.cgi?id=254121
x_refsource_MISC
http://secunia.com/advisories/27229
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/27379
third-party-advisory
x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/36238
vdb-entry
x_refsource_XF
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00077.html
vendor-advisory
x_refsource_FEDORA
http://security.gentoo.org/glsa/glsa-200710-29.xml
vendor-advisory
x_refsource_GENTOO
http://www.securityfocus.com/bid/25430
vdb-entry
x_refsource_BID
http://www.novell.com/linux/security/advisories/2007_20_sr.html
vendor-advisory
x_refsource_SUSE
http://bugs.gentoo.org/show_bug.cgi?id=190104
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/26550
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2007/2971
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/26610
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/secunia_research/2007-70/advisory/
Resource:
x_refsource_MISC
Hyperlink: http://osvdb.org/40184
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=254121
Resource:
x_refsource_MISC
Hyperlink: http://secunia.com/advisories/27229
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/27379
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/36238
Resource:
vdb-entry
x_refsource_XF
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00077.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://security.gentoo.org/glsa/glsa-200710-29.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://www.securityfocus.com/bid/25430
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.novell.com/linux/security/advisories/2007_20_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=190104
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/26550
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2007/2971
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/26610
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/secunia_research/2007-70/advisory/
x_refsource_MISC
x_transferred
http://osvdb.org/40184
vdb-entry
x_refsource_OSVDB
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=254121
x_refsource_MISC
x_transferred
http://secunia.com/advisories/27229
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/27379
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/36238
vdb-entry
x_refsource_XF
x_transferred
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00077.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://security.gentoo.org/glsa/glsa-200710-29.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://www.securityfocus.com/bid/25430
vdb-entry
x_refsource_BID
x_transferred
http://www.novell.com/linux/security/advisories/2007_20_sr.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://bugs.gentoo.org/show_bug.cgi?id=190104
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/26550
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/2971
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/26610
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/secunia_research/2007-70/advisory/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://osvdb.org/40184
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=254121
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://secunia.com/advisories/27229
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/27379
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/36238
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00077.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-200710-29.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://www.securityfocus.com/bid/25430
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2007_20_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=190104
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:PSIRT-CNA@flexerasoftware.com
Published At:27 Aug, 2007 | 17:17
Updated At:29 Jul, 2017 | 01:31

Format string vulnerability in the inc_put_error function in src/inc.c in Sylpheed 2.4.4, and Sylpheed-Claws (Claws Mail) 1.9.100 and 2.10.0, allows remote POP3 servers to execute arbitrary code via format string specifiers in crafted replies.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.8MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 6.8
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
CPE Matches
sylpheed
sylpheed
>>sylpheed>>2.4.4
cpe:2.3:a:sylpheed:sylpheed:2.4.4:*:*:*:*:*:*:*
sylpheed-claws
sylpheed-claws
>>sylpheed-claws>>1.9.100
cpe:2.3:a:sylpheed-claws:sylpheed-claws:1.9.100:*:*:*:*:*:*:*
sylpheed-claws
sylpheed-claws
>>sylpheed-claws>>2.10.0
cpe:2.3:a:sylpheed-claws:sylpheed-claws:2.10.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
Organization : Red Hat
Last Modified : 2007-08-28T00:00:00

Not vulnerable. This issue did not affect version of Sylpheed as shipped with Red Hat Enterprise Linux 2.1. Sylpheed and claws-mail are not shipped with Red Hat Enterprise Linux 3, 4, or 5.

References
HyperlinkSourceResource
http://bugs.gentoo.org/show_bug.cgi?id=190104PSIRT-CNA@flexerasoftware.com
N/A
http://osvdb.org/40184PSIRT-CNA@flexerasoftware.com
N/A
http://secunia.com/advisories/26550PSIRT-CNA@flexerasoftware.com
Patch
Vendor Advisory
http://secunia.com/advisories/26610PSIRT-CNA@flexerasoftware.com
N/A
http://secunia.com/advisories/27229PSIRT-CNA@flexerasoftware.com
N/A
http://secunia.com/advisories/27379PSIRT-CNA@flexerasoftware.com
N/A
http://secunia.com/secunia_research/2007-70/advisory/PSIRT-CNA@flexerasoftware.com
Patch
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200710-29.xmlPSIRT-CNA@flexerasoftware.com
N/A
http://www.novell.com/linux/security/advisories/2007_20_sr.htmlPSIRT-CNA@flexerasoftware.com
N/A
http://www.securityfocus.com/bid/25430PSIRT-CNA@flexerasoftware.com
N/A
http://www.vupen.com/english/advisories/2007/2971PSIRT-CNA@flexerasoftware.com
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=254121PSIRT-CNA@flexerasoftware.com
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/36238PSIRT-CNA@flexerasoftware.com
N/A
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00077.htmlPSIRT-CNA@flexerasoftware.com
N/A
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=190104
Source: PSIRT-CNA@flexerasoftware.com
Resource: N/A
Hyperlink: http://osvdb.org/40184
Source: PSIRT-CNA@flexerasoftware.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/26550
Source: PSIRT-CNA@flexerasoftware.com
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/26610
Source: PSIRT-CNA@flexerasoftware.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/27229
Source: PSIRT-CNA@flexerasoftware.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/27379
Source: PSIRT-CNA@flexerasoftware.com
Resource: N/A
Hyperlink: http://secunia.com/secunia_research/2007-70/advisory/
Source: PSIRT-CNA@flexerasoftware.com
Resource:
Patch
Vendor Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-200710-29.xml
Source: PSIRT-CNA@flexerasoftware.com
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2007_20_sr.html
Source: PSIRT-CNA@flexerasoftware.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/25430
Source: PSIRT-CNA@flexerasoftware.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/2971
Source: PSIRT-CNA@flexerasoftware.com
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=254121
Source: PSIRT-CNA@flexerasoftware.com
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/36238
Source: PSIRT-CNA@flexerasoftware.com
Resource: N/A
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00077.html
Source: PSIRT-CNA@flexerasoftware.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

0Records found
Details not found