5
CVE-2006-0321
- EPSS 3.5%
- Veröffentlicht 24.01.2006 00:03:00
- Zuletzt bearbeitet 16.06.2026 22:20:20
- CVE-Watchlists
- Unerledigt
fetchmail 6.3.0 and other versions before 6.3.2 allows remote attackers to cause a denial of service (crash) via crafted e-mail messages that cause a free of an invalid pointer when fetchmail bounces the message to the originator or local postmaster.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.5% | 0.878 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html
http://secunia.com/advisories/21253
http://www.securityfocus.com/bid/19289
http://www.us-cert.gov/cas/techalerts/TA06-214A.html
http://www.vupen.com/english/advisories/2006/3101
http://secunia.com/advisories/18895
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.443499
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=348747
http://developer.berlios.de/project/shownotes.php?release_id=8784
http://fetchmail.berlios.de/fetchmail-SA-2006-01.txt
http://secunia.com/advisories/18571
http://securitytracker.com/id?1015527
http://www.osvdb.org/22691
http://www.securityfocus.com/archive/1/422936/100/0/threaded
http://www.securityfocus.com/bid/16365
http://www.vupen.com/english/advisories/2006/0300
https://exchange.xforce.ibmcloud.com/vulnerabilities/24265