7.5
CVE-2005-4591
- EPSS 5.51%
- Veröffentlicht 31.12.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:19:04
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, 0.94.12, and other versions from 0.93.5 to 0.96.2, when using Unicode databases, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via "invalid input sequences" that lead to heap corruption when bogofilter or bogolexer converts character sets.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Bogofilter ≫ Email Filter Version0.93.5
Bogofilter ≫ Email Filter Version0.94.12
Bogofilter ≫ Email Filter Version0.94.14
Bogofilter ≫ Email Filter Version0.95.2
Bogofilter ≫ Email Filter Version0.96.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.51% | 0.918 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://lists.suse.com/archive/suse-security-announce/2006-Feb/0001.html
http://secunia.com/advisories/18717
http://bogofilter.sourceforge.net/security/bogofilter-SA-2005-01
http://secunia.com/advisories/18352
http://secunia.com/advisories/18427
http://www.securityfocus.com/bid/16171
http://www.vupen.com/english/advisories/2006/0100
https://exchange.xforce.ibmcloud.com/vulnerabilities/24118
https://usn.ubuntu.com/240-1/