Search CVE reports
1 – 3 of 3 results
Format string vulnerability in the inc_put_error function in src/inc.c in Sylpheed 2.4.4, and Sylpheed-Claws (Claws Mail) 1.9.100 and 2.10.0, allows remote POP3 servers to execute arbitrary code via format string specifiers in...
4 affected packages
sylpheed, claws-mail, sylpheed-claws, sylpheed-claws-gtk2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| sylpheed | — | — | — | — |
| claws-mail | — | — | — | — |
| sylpheed-claws | — | — | — | — |
| sylpheed-claws-gtk2 | — | — | — | — |
Some fixes available 14 of 17
Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check functionality and makes it easier to conduct phishing attacks via a URI that begins with a space character.
4 affected packages
claws-mail, sylpheed-claws, sylpheed-claws-gtk2, sylpheed-gtk1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| claws-mail | — | — | — | — |
| sylpheed-claws | — | — | — | — |
| sylpheed-claws-gtk2 | — | — | — | — |
| sylpheed-gtk1 | — | — | — | — |
Stack-based buffer overflow in the ldif_get_line function in ldif.c of Sylpheed before 2.1.6 allows user-assisted attackers to execute arbitrary code by having local users import LDIF files with long lines.
3 affected packages
nbd, sylpheed, sylpheed-claws
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| nbd | — | — | — | — |
| sylpheed | — | — | — | — |
| sylpheed-claws | — | — | — | — |