Buffer Overflow Vulnerability in dtmail on HP Tru64 UNIX and HP-UX
CVE-2006-5452

Currently unrated

Key Information:

Vendor: HP
Status: Tru64; HP-ux
Vendor: CVE Published:; 23 October 2006

Summary

A buffer overflow vulnerability exists in the dtmail utility on HP Tru64 UNIX and HP-UX systems, which allows local users to potentially execute arbitrary code. This vulnerability is triggered by supplying a long argument to the -a option, which is used for attachments. When this occurs, it can lead to overwriting the memory space in the application, resulting in unauthorized actions being performed on behalf of the user.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://h20000.www2.hp.com/bizsupport/TechSupport/Document...

vendor-advisoryx_refsource_HP

http://securitytracker.com/id?1017083

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Oct 23, 2006
Vulnerability Reserved
Oct 23, 2006