5

CVE-2009-1490

Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header.

Data is provided by the National Vulnerability Database (NVD)
SendmailSendmail Version <= 8.13.1.2
SendmailSendmail Version2.6
SendmailSendmail Version2.6 Editionnt
SendmailSendmail Version2.6.1
SendmailSendmail Version2.6.1 Editionnt
SendmailSendmail Version2.6.2
SendmailSendmail Version3.0
SendmailSendmail Version3.0 Editionnt
SendmailSendmail Version3.0.1
SendmailSendmail Version3.0.1 Editionnt
SendmailSendmail Version3.0.2
SendmailSendmail Version3.0.2 Editionnt
SendmailSendmail Version3.0.3
SendmailSendmail Version4.1
SendmailSendmail Version4.55
SendmailSendmail Version5
SendmailSendmail Version5.59
SendmailSendmail Version5.61
SendmailSendmail Version5.65
SendmailSendmail Version8.6.7
SendmailSendmail Version8.7.6
SendmailSendmail Version8.7.7
SendmailSendmail Version8.7.8
SendmailSendmail Version8.7.9
SendmailSendmail Version8.7.10
SendmailSendmail Version8.8.8
SendmailSendmail Version8.9.0
SendmailSendmail Version8.9.1
SendmailSendmail Version8.9.2
SendmailSendmail Version8.9.3
SendmailSendmail Version8.10
SendmailSendmail Version8.10.0
SendmailSendmail Version8.10.1
SendmailSendmail Version8.10.2
SendmailSendmail Version8.11.0
SendmailSendmail Version8.11.1
SendmailSendmail Version8.11.2
SendmailSendmail Version8.11.3
SendmailSendmail Version8.11.4
SendmailSendmail Version8.11.5
SendmailSendmail Version8.11.6
SendmailSendmail Version8.11.7
SendmailSendmail Version8.12 Updatebeta10
SendmailSendmail Version8.12 Updatebeta12
SendmailSendmail Version8.12 Updatebeta16
SendmailSendmail Version8.12 Updatebeta5
SendmailSendmail Version8.12 Updatebeta7
SendmailSendmail Version8.12.0
SendmailSendmail Version8.12.1
SendmailSendmail Version8.12.2
SendmailSendmail Version8.12.3
SendmailSendmail Version8.12.4
SendmailSendmail Version8.12.5
SendmailSendmail Version8.12.6
SendmailSendmail Version8.12.7
SendmailSendmail Version8.12.8
SendmailSendmail Version8.12.9
SendmailSendmail Version8.12.10
SendmailSendmail Version8.12.11
SendmailSendmail Version8.13.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 7.79% 0.917
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.