Search CVE reports
1 – 7 of 7 results
CVE-2021-37746
Medium prioritytextview_uri_security_check in textview.c in Claws Mail before 3.18.0, and Sylpheed through 3.7.0, does not have sufficient link checks before accepting a click.
2 affected packages
claws-mail, sylpheed
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
claws-mail | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
sylpheed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2017-17517
Medium prioritylibsylph/utils.c in Sylpheed through 3.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
1 affected packages
sylpheed
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sylpheed | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2007-2958
Unknown priorityFormat string vulnerability in the inc_put_error function in src/inc.c in Sylpheed 2.4.4, and Sylpheed-Claws (Claws Mail) 1.9.100 and 2.10.0, allows remote POP3 servers to execute arbitrary code via format string specifiers in...
4 affected packages
claws-mail, sylpheed, sylpheed-claws, sylpheed-claws-gtk2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
claws-mail | — | — | — | — | — |
sylpheed | — | — | — | — | — |
sylpheed-claws | — | — | — | — | — |
sylpheed-claws-gtk2 | — | — | — | — | — |
CVE-2007-1267
Negligible prioritySylpheed 2.2.7 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Sylpheed from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components,...
1 affected packages
sylpheed
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sylpheed | — | — | — | — | — |
CVE-2006-2920
Unknown prioritySome fixes available 14 of 17
Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check functionality and makes it easier to conduct phishing attacks via a URI that begins with a space character.
4 affected packages
claws-mail, sylpheed-claws, sylpheed-claws-gtk2, sylpheed-gtk1
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
claws-mail | — | — | — | — | — |
sylpheed-claws | — | — | — | — | — |
sylpheed-claws-gtk2 | — | — | — | — | — |
sylpheed-gtk1 | — | — | — | — | — |
CVE-2005-3354
Unknown priorityStack-based buffer overflow in the ldif_get_line function in ldif.c of Sylpheed before 2.1.6 allows user-assisted attackers to execute arbitrary code by having local users import LDIF files with long lines.
3 affected packages
nbd, sylpheed, sylpheed-claws
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nbd | — | — | — | — | — |
sylpheed | — | — | — | — | — |
sylpheed-claws | — | — | — | — | — |
CVE-2005-0926
Unknown priorityBuffer overflow in Sylpheed before 1.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attachments with MIME-encoded file names.
1 affected packages
sylpheed
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sylpheed | — | — | — | — | — |