Buffer Overflow Vulnerability in Fetchmail Affects Multiple Versions
CVE-2010-0562

Currently unrated

Key Information:

Vendor

Fetchmail

Status
Fetchmail
Vendor
CVE Published:
8 February 2010

What is CVE-2010-0562?

The sdump function in sdump.c of Fetchmail versions 6.3.11, 6.3.12, and 6.3.13 can be exploited when running in verbose mode, particularly on platforms where char is signed. This vulnerability arises when an SSL X.509 certificate containing non-printable characters with the high bit set is processed, resulting in a heap-based buffer overflow. This can lead to application crashes or could potentially allow remote attackers to execute arbitrary code.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.mandriva.com/security/advisories?name=MDVSA-20...
vendor-advisoryx_refsource_MANDRIVA
http://www.fetchmail.info/fetchmail-SA-2010-01.txt
x_refsource_CONFIRM
http://www.securityfocus.com/bid/38088
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.