Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sylpheed sylpheed vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-17517
libsylph/utils.c in Sylpheed up to and including 3.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote malicious users to conduct argument-injection attacks via a crafted URL.
Sylpheed Project Sylpheed
6.1
CVSSv3
CVE-2021-37746
textview_uri_security_check in textview.c in Claws Mail prior to 3.18.0, and Sylpheed up to and including 3.7.0, does not have sufficient link checks before accepting a click.
Claws-mail Claws-mail
Sylpheed Project Sylpheed
Fedoraproject Fedora 33
Fedoraproject Fedora 34
NA
CVE-2007-2958
Format string vulnerability in the inc_put_error function in src/inc.c in Sylpheed 2.4.4, and Sylpheed-Claws (Claws Mail) 1.9.100 and 2.10.0, allows remote POP3 servers to execute arbitrary code via format string specifiers in crafted replies.
Sylpheed-claws Sylpheed-claws 1.9.100
Sylpheed-claws Sylpheed-claws 2.10.0
Sylpheed Sylpheed 2.4.4
NA
CVE-2007-1267
Sylpheed 2.2.7 and previous versions does not properly use the --status-fd argument when invoking GnuPG, which prevents Sylpheed from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote malicious users to ...
Sylpheed Sylpheed
NA
CVE-2006-2920
Sylpheed-Claws prior to 2.2.2 and Sylpheed prior to 2.2.6 allow remote malicious users to bypass the URI check functionality and makes it easier to conduct phishing attacks via a URI that begins with a space character.
Sylpheed Sylpheed
Sylpheed Sylpheed 2.1.2
Sylpheed Sylpheed 2.0
Sylpheed-claws Sylpheed-claws 0.9.4
Sylpheed-claws Sylpheed-claws 0.9.5
Sylpheed-claws Sylpheed-claws 0.9.6
Sylpheed-claws Sylpheed-claws
Sylpheed Sylpheed 2.0.1
Sylpheed Sylpheed 2.0.2
Sylpheed Sylpheed 2.1.1
Sylpheed Sylpheed 2.1.3
Sylpheed Sylpheed 2.1.5
Sylpheed Sylpheed 2.1.4
Sylpheed-claws Sylpheed-claws 1.0.2
Sylpheed Sylpheed 2.0.3
Sylpheed Sylpheed 2.1
NA
CVE-2005-3354
Stack-based buffer overflow in the ldif_get_line function in ldif.c of Sylpheed prior to 2.1.6 allows user-assisted malicious users to execute arbitrary code by having local users import LDIF files with long lines.
Sylpheed Sylpheed 0.9.5
Sylpheed Sylpheed 0.9.6
Sylpheed Sylpheed 1.0.3
Sylpheed Sylpheed 1.0.4
Sylpheed Sylpheed 2.1.2
Sylpheed Sylpheed 2.1.3
Sylpheed Sylpheed 0.9.7
Sylpheed Sylpheed 0.9.8
Sylpheed Sylpheed 2.0
Sylpheed Sylpheed 2.0.1
Sylpheed Sylpheed 2.1.4
Sylpheed Sylpheed 2.1.5
Sylpheed Sylpheed 0.9.11
Sylpheed Sylpheed 0.9.12
Sylpheed Sylpheed 0.9.4
Sylpheed Sylpheed 1.0.1
Sylpheed Sylpheed 1.0.2
Sylpheed Sylpheed 2.1
Sylpheed Sylpheed 2.1.1
Sylpheed Sylpheed 0.8.11
Sylpheed Sylpheed 0.9.10
Sylpheed Sylpheed 0.9.9
NA
CVE-2005-0926
Buffer overflow in Sylpheed prior to 1.0.4 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via attachments with MIME-encoded file names.
Sylpheed Sylpheed 0.9.10
Sylpheed Sylpheed 0.9.12
Sylpheed Sylpheed 0.9.8
Sylpheed Sylpheed 0.9.4
Sylpheed Sylpheed 0.9.5
Sylpheed Sylpheed 0.9.6
Sylpheed Sylpheed 0.9.7
Sylpheed Sylpheed 1.0.2
Sylpheed Sylpheed 1.0.3
Sylpheed Sylpheed 1.0.0
Sylpheed Sylpheed 0.8.11
Sylpheed Sylpheed 0.9.11
Sylpheed Sylpheed 0.9.9
Sylpheed Sylpheed 1.0.1
NA
CVE-2005-0667
Buffer overflow in Sylpheed prior to 1.0.3 and other versions prior to 1.9.5 allows remote malicious users to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message.
Sylpheed Sylpheed 0.9.6
Sylpheed Sylpheed 0.9.7
Sylpheed Sylpheed 0.9.8
Sylpheed Sylpheed 0.9.9
Sylpheed Sylpheed 0.9.10
Sylpheed Sylpheed 0.9.12
Sylpheed Sylpheed 0.9.5
Sylpheed Sylpheed 0.9.99
Sylpheed Sylpheed 1.0.1
Sylpheed-claws Sylpheed-claws 1.0.2
Sylpheed Sylpheed 0.8.11
Sylpheed Sylpheed 0.9.11
Sylpheed Sylpheed 0.9.4
Sylpheed Sylpheed 1.0.0
Sylpheed Sylpheed 1.0.2
Redhat Enterprise Linux 2.1
Redhat Fedora Core Core 3.0
Redhat Linux Advanced Workstation 2.1
Altlinux Alt Linux 2.3
Gentoo Linux
NA
CVE-2003-0852
Format string vulnerability in send_message.c for Sylpheed-claws 0.9.4 up to and including 0.9.6 allows remote SMTP servers to cause a denial of service (crash) in sylpheed via format strings in an error message.
Sylpheed-claws Sylpheed-claws 0.9.4
Sylpheed-claws Sylpheed-claws 0.9.5
Sylpheed Sylpheed 0.9.5
Sylpheed Sylpheed 0.9.6
Sylpheed-claws Sylpheed-claws 0.9.6
Sylpheed Sylpheed 0.9.4
NA
CVE-2003-0300
The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.
Mozilla Mozilla 1.3
Mozilla Mozilla 1.4
Microsoft Outlook Express 6.00.2800.1106
University Of Washington Pine 4.53
Ximian Evolution 1.2.4
Mutt Mutt 1.4.1
Qualcomm Eudora 5.2.1
Stuart Parmenter Balsa 2.0.10
Sylpheed Sylpheed Email Client 0.8.11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started