Format string vulnerability in ANSI C Sender Policy Framework library (libspf) prior to 1.0.0-p5, when debugging is enabled, allows remote malicious users to execute arbitrary code via format string specifiers, possibly in an e-mail address.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libspf libspf 1.0.0_p4 |