FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  371418
Date:      2014-10-24
Time:      01:58:13Z
Committer: zi

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
f66e011d-13ff-11da-af41-0004614cc33delm -- remote buffer overflow in Expires header

Ulf Harnhammar has discovered a remotely exploitable buffer overflow in Elm e-mail client when parsing the Expires header of an e-mail message:

The attacker only needs to send the victim an e-mail message. When the victim with that message in his or her inbox starts Elm or simply views the inbox in an already started copy of Elm, the buffer overflow will happen immediately. The overflow is stack-based, and it gives full control over EIP, EBP and EBX. It is caused by a bad sscanf(3) call, using a format string containing "%s" to copy from a long char array to a shorter array.


Discovery 2005-08-20
Entry 2005-08-23
elm
lt 2.5.8

http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0688.html
f66e011d-13ff-11da-af41-0004614cc33delm -- remote buffer overflow in Expires header

Ulf Harnhammar has discovered a remotely exploitable buffer overflow in Elm e-mail client when parsing the Expires header of an e-mail message:

The attacker only needs to send the victim an e-mail message. When the victim with that message in his or her inbox starts Elm or simply views the inbox in an already started copy of Elm, the buffer overflow will happen immediately. The overflow is stack-based, and it gives full control over EIP, EBP and EBX. It is caused by a bad sscanf(3) call, using a format string containing "%s" to copy from a long char array to a shorter array.


Discovery 2005-08-20
Entry 2005-08-23
elm
lt 2.5.8

http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0688.html