FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-03-11 08:52:20 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
b1e8c810-01d0-11da-bc08-0001020eed82	sylpheed -- MIME-encoded file name buffer overflow vulnerability Sylpheed is vulnerable to a buffer overflow when displaying emails with attachments that have MIME-encoded file names. This could be used by a remote attacker to crash sylpheed potentially allowing execution of arbitrary code with the permissions of the user running sylpheed. Discovery 2005-03-29 Entry 2005-07-31 sylpheed sylpheed-gtk2 sylpheed-claws < 1.0.4 12934 CVE-2005-0926 http://sylpheed.good-day.net/changelog.html.en
d9867f50-54d0-11dc-b80b-0016179b2dd5	claws-mail -- POP3 Format String Vulnerability A Secunia Advisory reports: A format string error in the "inc_put_error()" function in src/inc.c when displaying a POP3 server's error response can be exploited via specially crafted POP3 server replies containing format specifiers. Successful exploitation may allow execution of arbitrary code, but requires that the user is tricked into connecting to a malicious POP3 server. Discovery 2007-08-24 Entry 2007-08-27 Modified 2010-05-12 claws-mail sylpheed-claws < 2.10.0_3 sylpheed2 < 2.4.4_1 CVE-2007-2958 http://secunia.com/advisories/26550/ http://secunia.com/secunia_research/2007-70/advisory/

VuXML ID

Description

b1e8c810-01d0-11da-bc08-0001020eed82

sylpheed -- MIME-encoded file name buffer overflow vulnerability

Sylpheed is vulnerable to a buffer overflow when displaying emails with attachments that have MIME-encoded file names. This could be used by a remote attacker to crash sylpheed potentially allowing execution of arbitrary code with the permissions of the user running sylpheed.

Discovery 2005-03-29
Entry 2005-07-31
sylpheed
sylpheed-gtk2
sylpheed-claws

< 1.0.4

12934
CVE-2005-0926
http://sylpheed.good-day.net/changelog.html.en

d9867f50-54d0-11dc-b80b-0016179b2dd5

claws-mail -- POP3 Format String Vulnerability

A Secunia Advisory reports:

A format string error in the "inc_put_error()" function in src/inc.c when displaying a POP3 server's error response can be exploited via specially crafted POP3 server replies containing format specifiers.

Successful exploitation may allow execution of arbitrary code, but requires that the user is tricked into connecting to a malicious POP3 server.

Discovery 2007-08-24
Entry 2007-08-27
Modified 2010-05-12
claws-mail
sylpheed-claws

< 2.10.0_3

sylpheed2

< 2.4.4_1

CVE-2007-2958
http://secunia.com/advisories/26550/
http://secunia.com/secunia_research/2007-70/advisory/