Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Sylpheed < 1.0.3 Invalid Header Overflow



The remote host is vulnerable to a buffer overflow.


The remote client is running Sylpheed, an email client for Unix and Unix-like operating systems. This version is vulnerable to a buffer overflow via invalid headers. Specifically, if a specially crafted email message is replied to, a buffer overflow may occur on the local machine. To exploit this, an attacker would need to be able to craft an email and entice a local user to both read and reply to the email. Successful exploitation would result in the attacker executing arbitrary code on the remote client.


Upgrade to version 1.0.3 or higher.