Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4591

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-4591
Last Modified 07 Mar 2011 09:28:32
Published 31 Dec 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4591

Summary

Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, 0.94.12, and other versions from 0.93.5 to 0.96.2, when using Unicode databases, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via "invalid input sequences" that lead to heap corruption when bogofilter or bogolexer converts character sets.

Vulnerable Systems

Operating System

  • Bogofilter Email Filter 0.93.5

  • Bogofilter Email Filter 0.94.12

  • Bogofilter Email Filter 0.94.14

  • Bogofilter Email Filter 0.95.2

  • Bogofilter Email Filter 0.96.2


References

BID - 16171

SECUNIA - 18352

CONFIRM - http://bogofilter.sourceforge.net/security/bogofilter-SA-2005-01

VUPEN - ADV-2006-0100

XF - bogofilter-unicode-bo(24118)

UBUNTU - USN-240-1

SECUNIA - 18717

SECUNIA - 18427

SUSE - SUSE-SR:2006:003


Last Updated: 27 May 2016 10:41:22