Security Advisory

CVE-2003-0143

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2004-09-01 04:00:00

Last updated 2024-08-08 01:43:36

Assigner mitre

State PUBLISHED

Description

The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer overflow in a mdef command with a long macro name.

← Browse all CVEs View on cve.org ↗