In GNOME Balsa prior to 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imap_mbox_connect in libbalsa/imap/imap-handle.c.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnome balsa |
||
opensuse leap 15.1 |
||
opensuse backports sle 15.0 |