Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2007-5740

Published: 31/10/2007 Updated: 15/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Perdition Mail Retrieval Proxy

Vulnerability Summary

The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and previous versions allows remote malicious users to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism.

Vulnerable Product Search on Vulmon Subscribe to Product

vergenet perdition mail retrieval proxy

Vendor Advisories

Debian CVElist Bug Report Logs: CVE-2007-5740 format string vulnerability
Debian Bug report logs - #448853 CVE-2007-5740 format string vulnerability Package: perdition; Maintainer for perdition is Simon Horman <horms@debianorg>; Source for perdition is src:perdition (PTS, buildd, popcon) Reported by: Nico Golde <nion@debianorg> Date: Thu, 1 Nov 2007 12:48:02 UTC Severity: grave Tags: p ...

Exploits

Exploit DB: Perdition 1.17 - IMAPD __STR_VWRITE Remote Format String
source: wwwsecurityfocuscom/bid/26270/info Perdition IMAP proxy server is prone to a remote format-string vulnerability because it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function An attacker can exploit this issue to execute arbitrary machine code in the context o ...

References

CWE-134http://archives.neohapsis.com/archives/fulldisclosure/2007-10/0889.htmlhttp://www.sec-consult.com/300.htmlhttp://www.vergenet.net/linux/perdition/ChangeLog.shtmlhttp://www.debian.org/security/2007/dsa-1398http://www.securityfocus.com/bid/26270http://www.securitytracker.com/id?1018883http://secunia.com/advisories/27458http://secunia.com/advisories/27520http://www.vupen.com/english/advisories/2007/3677https://exchange.xforce.ibmcloud.com/vulnerabilities/38184http://www.securityfocus.com/archive/1/483034/100/0/threadedhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448853https://nvd.nist.govhttps://www.exploit-db.com/exploits/30724/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946CVE-2024-30309CVE-2024-4761CVE-2024-30051type confusionmemory leakCVE-2024-30293reflected XSSCVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook