Buffer Overflow in Qpopper Affects Local User Security
CVE-2002-0889

Currently unrated

Key Information:

Vendor: Qualcomm
Status: Qpopper
Vendor: CVE Published:; 4 October 2002

Summary

A buffer overflow vulnerability exists in Qpopper versions 4.0.4 and earlier due to improper handling of input arguments in the user's .qpopper-options configuration file. This weakness can be exploited by local users who provide excessively long 'bulldir' arguments, potentially leading to denial of service or arbitrary code execution within the vulnerable application.

References

http://online.securityfocus.com/archive/1/269969

mailing-listx_refsource_BUGTRAQ

http://marc.info/?l=vuln-dev&m=102003707432457&w=2

mailing-listx_refsource_VULN-DEV

http://www.iss.net/security_center/static/8949.php

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Oct 4, 2002
Vulnerability Reserved
Aug 16, 2002