説明
Stack-based buffer overflow in the ir_fetch_seq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command.
AI分析AIによる分析
影響を受ける製品
gnomebalsa
1.1.7
gnomebalsa
1.2.4
gnomebalsa
1.4
gnomebalsa
1.4.3
gnomebalsa
2.0.6
gnomebalsa
2.0.10
gnomebalsa
2.0.16
gnomebalsa
2.0.17
gnomebalsa
2.0.18
gnomebalsa
2.1
gnomebalsa
2.1.1
gnomebalsa
2.1.2
gnomebalsa
2.1.3
gnomebalsa
2.1.90
gnomebalsa
2.1.91
gnomebalsa
2.2
gnomebalsa
2.2.1
gnomebalsa
2.2.2
gnomebalsa
2.2.3
gnomebalsa
2.2.4
gnomebalsa
2.2.5
gnomebalsa
2.2.6
gnomebalsa
2.3
gnomebalsa
2.3.1
gnomebalsa
2.3.2
gnomebalsa
2.3.3
gnomebalsa
2.3.4
gnomebalsa
2.3.5
gnomebalsa
2.3.6
gnomebalsa
2.3.7
gnomebalsa
2.3.8
gnomebalsa
2.3.10
gnomebalsa
2.3.11
gnomebalsa
2.3.12
gnomebalsa
2.3.13
gnomebalsa
2.3.14
gnomebalsa
2.3.15
gnomebalsa
2.3.16
gnomebalsa
2.3.17
gnomebalsa
2.3.19
参照
- http://bugs.gentoo.org/show_bug.cgi?id=193179Exploit
- http://bugzilla.gnome.org/show_bug.cgi?id=474366
- http://mail.gnome.org/archives/balsa-list/2007-September/msg00010.htmlPatch
- http://osvdb.org/40585
- http://secunia.com/advisories/26947Vendor Advisory
- http://secunia.com/advisories/26987Vendor Advisory
- http://secunia.com/advisories/27272Vendor Advisory
- http://www.gentoo.org/security/en/glsa/glsa-200710-17.xml
- http://www.novell.com/linux/security/advisories/2007_19_sr.html
- http://www.securityfocus.com/bid/25777Patch
- http://www.vupen.com/english/advisories/2007/3263
- https://bugzilla.redhat.com/show_bug.cgi?id=297581
- http://bugs.gentoo.org/show_bug.cgi?id=193179Exploit
- http://bugzilla.gnome.org/show_bug.cgi?id=474366
- http://mail.gnome.org/archives/balsa-list/2007-September/msg00010.htmlPatch
- http://osvdb.org/40585
- http://secunia.com/advisories/26947Vendor Advisory
- http://secunia.com/advisories/26987Vendor Advisory
- http://secunia.com/advisories/27272Vendor Advisory
- http://www.gentoo.org/security/en/glsa/glsa-200710-17.xml