CVE-2007-2958
Published: 27 August 2007
Format string vulnerability in the inc_put_error function in src/inc.c in Sylpheed 2.4.4, and Sylpheed-Claws (Claws Mail) 1.9.100 and 2.10.0, allows remote POP3 servers to execute arbitrary code via format string specifiers in crafted replies.
Priority
Status
Package | Release | Status |
---|---|---|
claws-mail Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
edgy |
Does not exist
|
|
feisty |
Does not exist
|
|
gutsy |
Released
(2.10.0-3ubuntu3)
|
|
upstream |
Needs triage
|
|
sylpheed Launchpad, Ubuntu, Debian |
dapper |
Released
(2.2.4-1ubuntu1.1)
|
edgy |
Released
(2.2.7-1ubuntu0.1)
|
|
feisty |
Released
(2.3.1-1~ubuntu1.1)
|
|
gutsy |
Released
(2.4.5-1)
|
|
upstream |
Needs triage
|
|
sylpheed-claws Launchpad, Ubuntu, Debian |
dapper |
Released
(1.0.5-2ubuntu0.1)
|
edgy |
Released
(1.0.5-4ubuntu0.1)
|
|
feisty |
Released
(1.0.5-5.1ubuntu0.1)
|
|
gutsy |
Does not exist
|
|
upstream |
Needs triage
|
|
sylpheed-claws-gtk2 Launchpad, Ubuntu, Debian |
dapper |
Released
(2.1.1-1ubuntu1.1)
|
edgy |
Released
(2.5.0~rc3-1ubuntu0.1)
|
|
feisty |
Released
(2.6.0-1.1ubuntu1.1)
|
|
gutsy |
Does not exist
|
|
upstream |
Needs triage
|