CVE-2010-2494

Severity CVSS v4.0:
Pending analysis
Type:
CWE-119 Buffer Errors
Publication date:
08/07/2010
Last modified:
21/11/2024

Description

Multiple buffer underflows in the base64 decoder in base64.c in (1) bogofilter and (2) bogolexer in bogofilter before 1.2.2 allow remote attackers to cause a denial of service (heap memory corruption and application crash) via an e-mail message with invalid base64 data that begins with an = (equals) character.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:bogofilter:bogofilter:*:*:*:*:*:*:*:* 1.2.1 (including)
cpe:2.3:a:bogofilter:bogofilter:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:bogofilter:bogofilter:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:bogofilter:bogofilter:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:bogofilter:bogofilter:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:bogofilter:bogofilter:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:bogofilter:bogofilter:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:bogofilter:bogofilter:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:bogofilter:bogofilter:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:bogofilter:bogofilter:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:bogofilter:bogofilter:1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:bogofilter:bogofilter:1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:bogofilter:bogofilter:1.1.7:*:*:*:*:*:*:*
cpe:2.3:a:bogofilter:bogofilter:1.2.0:*:*:*:*:*:*:*


References to Advisories, Solutions, and Tools