CVE-2004-1007

Published Mar 1, 2005

Last updated 7 years ago

CVSS info 5.0

Overview

Description: The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows remote attackers to cause a denial of service (application crash) via mail headers that cause a line feed (LF) to be replaced by a null byte that is written to an incorrect memory address.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:bogofilter:email_filter:0.9.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4219CFEB-559A-473D-BE6B-86A9FCA2C653"
          },
          {
            "criteria": "cpe:2.3:o:bogofilter:email_filter:0.9.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "925D3591-4D0E-48A7-85B3-186A44775648"
          },
          {
            "criteria": "cpe:2.3:o:bogofilter:email_filter:0.9.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1EA9F713-AFF9-4246-BEF6-3F878D4859F3"
          },
          {
            "criteria": "cpe:2.3:o:bogofilter:email_filter:0.92:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4920DD7B-1345-4BB7-8E34-9A19FDEE4A17"
          },
          {
            "criteria": "cpe:2.3:o:bogofilter:email_filter:0.92.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C69E15B-BD2E-4CD4-B0C1-27080C378CDA"
          },
          {
            "criteria": "cpe:2.3:o:bogofilter:email_filter:0.92.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29F61AE7-DD1E-40C7-A068-3544EE529BFF"
          },
          {
            "criteria": "cpe:2.3:o:bogofilter:email_filter:0.92.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D91F10AC-9857-439B-869A-11B7A6ECE515"
          },
          {
            "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7"
          },
          {
            "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References