10
CVE-2003-0161
- EPSS 71.95%
- Published 02.04.2003 05:00:00
- Last modified 03.04.2025 01:03:51
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.
Data is provided by the National Vulnerability Database (NVD)
Sendmail ≫ Sendmail Switch Version2.1
Sendmail ≫ Sendmail Switch Version2.1.1
Sendmail ≫ Sendmail Switch Version2.1.2
Sendmail ≫ Sendmail Switch Version2.1.3
Sendmail ≫ Sendmail Switch Version2.1.4
Sendmail ≫ Sendmail Switch Version2.1.5
Sendmail ≫ Sendmail Switch Version2.2
Sendmail ≫ Sendmail Switch Version2.2.1
Sendmail ≫ Sendmail Switch Version2.2.2
Sendmail ≫ Sendmail Switch Version2.2.3
Sendmail ≫ Sendmail Switch Version2.2.4
Sendmail ≫ Sendmail Switch Version2.2.5
Sendmail ≫ Sendmail Switch Version3.0
Sendmail ≫ Sendmail Switch Version3.0.1
Sendmail ≫ Sendmail Switch Version3.0.2
Sendmail ≫ Sendmail Switch Version3.0.3
Hp ≫ Hp-ux Series 700 Version10.20
Hp ≫ Hp-ux Series 800 Version10.20
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 71.95% | 0.987 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|