diff options
author | nectar <nectar@FreeBSD.org> | 2004-03-29 04:13:32 +0800 |
---|---|---|
committer | nectar <nectar@FreeBSD.org> | 2004-03-29 04:13:32 +0800 |
commit | 63aa489642b260b46e49b281adde8e510ed848b4 (patch) | |
tree | 0d75f4360401c65415f4e9c23e3a4faae5e69aa1 /security/vuxml | |
parent | fe69b078ad2098cc50458d6d351a1f64791535ef (diff) | |
download | freebsd-ports-gnome-63aa489642b260b46e49b281adde8e510ed848b4.tar.gz freebsd-ports-gnome-63aa489642b260b46e49b281adde8e510ed848b4.tar.zst freebsd-ports-gnome-63aa489642b260b46e49b281adde8e510ed848b4.zip |
Add Emil issue.
Diffstat (limited to 'security/vuxml')
-rw-r--r-- | security/vuxml/vuln.xml | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 9b53ab17812a..a96990d6e573 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -32,6 +32,38 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. "http://www.vuxml.org/dtd/vuxml-1/vuxml-10.dtd"> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="ce46b93a-80f2-11d8-9645-0020ed76ef5a"> + <topic>Buffer overflows and format string bugs in Emil</topic> + <affects> + <package> + <name>emil</name> + <range><le>2.1b9</le></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Ulf Härnhammar reports multiple buffer overflows in + Emil, some of which are triggered during the parsing + of attachment filenames. In addition, some format string bugs + are present in the error reporting code.</p> + <p>Depending upon local configuration, these vulnerabilities + may be exploited using specially crafted messages in order + to execute arbitrary code running with the privileges of + the user invoking Emil.</p> + </body> + </description> + <references> + <url>http://lists.netsys.com/pipermail/full-disclosure/2004-March/019325.html</url> + <url>http://www.debian.org/security/2004/dsa-468</url> + <cvename>CAN-2004-0152</cvename> + <cvename>CAN-2004-0153</cvename> + </references> + <dates> + <discovery>2004-03-24</discovery> + <entry>2004-03-28</entry> + </dates> + </vuln> + <vuln vid="290d81b9-80f1-11d8-9645-0020ed76ef5a"> <topic>oftpd denial-of-service vulnerability (PORT command)</topic> <affects> |