CVE-2003-0852

Summary

CVE	CVE-2003-0852
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2003-11-17 05:00:00 UTC
Updated	2017-07-11 01:29:00 UTC
Description	Format string vulnerability in send_message.c for Sylpheed-claws 0.9.4 through 0.9.6 allows remote SMTP servers to cause a denial of service (crash) in sylpheed via format strings in an error message.

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Sylpheed	Sylpheed	0.9.4	All	All	All
Application	Sylpheed	Sylpheed	0.9.5	All	All	All
Application	Sylpheed	Sylpheed	0.9.6	All	All	All
Application	Sylpheed	Sylpheed	0.9.4	All	All	All
Application	Sylpheed	Sylpheed	0.9.5	All	All	All
Application	Sylpheed	Sylpheed	0.9.6	All	All	All
Application	Sylpheed-claws	Sylpheed-claws	0.9.4	All	All	All
Application	Sylpheed-claws	Sylpheed-claws	0.9.5	All	All	All
Application	Sylpheed-claws	Sylpheed-claws	0.9.6	All	All	All
Application	Sylpheed-claws	Sylpheed-claws	0.9.4	All	All	All
Application	Sylpheed-claws	Sylpheed-claws	0.9.5	All	All	All
Application	Sylpheed-claws	Sylpheed-claws	0.9.6	All	All	All

References

Reference	Source	Link	Tags
IBM X-Force Exchange	XF	exchange.xforce.ibmcloud.com
[Full-Disclosure] Sylpheed-claws format string bug, yet still sylpheed much better than windows	FULLDISC	lists.grok.org.uk
Sylpheed-Claws Mail Client SMTP Error Reporting Format String Vulnerability	BID	www.securityfocus.com	Patch, Vendor Advisory
Sylpheed - a GTK+ based, lightweight, and fast e-mail client	CONFIRM	sylpheed.good-day.net
Sylpheed-claws format string bug, yet still sylpheed much better than window	MISC	www.guninski.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.