7.8
CVE-2006-5974
- EPSS 3.79%
- Veröffentlicht 31.12.2006 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:32:14
- CVE-Watchlists
- Unerledigt
fetchmail 6.3.5 and 6.3.6 before 6.3.6-rc4, when refusing a message delivered via the mda option, allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger a NULL pointer dereference when calling the (1) ferror or (2) fflush functions.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.79% | 0.886 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://www.novell.com/linux/security/advisories/2007_4_sr.html
http://fedoranews.org/cms/node/2429
http://secunia.com/advisories/23631
http://secunia.com/advisories/23804
http://secunia.com/advisories/23838
http://secunia.com/advisories/23923
http://secunia.com/advisories/24151
http://security.gentoo.org/glsa/glsa-200701-13.xml
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.517995
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.004.html
http://www.trustix.org/errata/2007/0007
http://www.vupen.com/english/advisories/2007/0087
http://www.vupen.com/english/advisories/2007/0088
http://fetchmail.berlios.de/fetchmail-SA-2006-03.txt
http://osvdb.org/31836
http://securitytracker.com/id?1017479
http://www.securityfocus.com/archive/1/456114/100/0/threaded
http://www.securityfocus.com/bid/21902