Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Format string vulnerability in send_message.c for Sylpheed-claws 0.9.4 through 0.9.6 allows remote SMTP servers to cause a denial of service (crash) in sylpheed via format strings in an error message.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sylpheed-Claws Mail客户端SMTP错误报告串处理漏洞
Vulnerability Description
Sylpheed-Claws Mail是一款邮件客户端软件。 Sylpheed-Claws Mail没有正确处理服务器端返回的错误消息,远程攻击者可以利用这个漏洞对客户端进行格式串攻击。 问题存在于Sylpheed-Claws Mail的send_message.c文件中,其中包含alertpanel_error_log(err_msg);函数,由于没有使用格式串,攻击者伪造SMTP服务器提交包含格式字符串的错误消息,当Sylpheed-Claws Mail处理时可破坏内存信息,精心构建提交数据可能以邮件
CVSS Information
N/A
Vulnerability Type
N/A