CVE-2005-4591

Publication date 31 December 2005

Last updated 24 July 2024


Ubuntu priority

Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, 0.94.12, and other versions from 0.93.5 to 0.96.2, when using Unicode databases, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via "invalid input sequences" that lead to heap corruption when bogofilter or bogolexer converts character sets.

Status

Package Ubuntu Release Status
bogofilter 7.04 feisty
Fixed 1.0.1-1ubuntu1
6.10 edgy
Fixed 1.0.1-1ubuntu1
6.06 LTS dapper
Fixed 1.0.1-1ubuntu1

References

Related Ubuntu Security Notices (USN)

    • USN-240-1
    • bogofilter vulnerability
    • 12 January 2006

Other references