Total
24 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-0562 | 1 Fetchmail | 1 Fetchmail | 2011-04-26 | 6.8 MEDIUM | N/A |
The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, when running in verbose mode on platforms for which char is signed, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an SSL X.509 certificate containing non-printable characters with the high bit set, which triggers a heap-based buffer overflow during escaping. | |||||
CVE-2001-1378 | 1 Fetchmail | 1 Fetchmail | 2011-02-15 | 2.1 LOW | N/A |
fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files. | |||||
CVE-2001-1009 | 1 Fetchmail | 1 Fetchmail | 2011-02-15 | 10.0 HIGH | N/A |
Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request. | |||||
CVE-2002-0146 | 1 Fetchmail | 1 Fetchmail | 2011-02-15 | 5.0 MEDIUM | N/A |
fetchmail email client before 5.9.10 does not properly limit the maximum number of messages available, which allows a remote IMAP server to overwrite memory via a message count that exceeds the boundaries of an array. |