Format string vulnerability in the inc_put_error function in src/inc.c in Sylpheed 2.4.4, and Sylpheed-Claws (Claws Mail) 1.9.100 and 2.10.0, allows remote POP3 servers to execute arbitrary code via format string specifiers in crafted replies.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sylpheed-claws sylpheed-claws 1.9.100 |
||
sylpheed-claws sylpheed-claws 2.10.0 |
||
sylpheed sylpheed 2.4.4 |