Fetchmail 6.1.3 and Earlier Heap-Based Buffer Overflow Vulnerability

Fetchmail 6.1.3 and Earlier Heap-Based Buffer Overflow Vulnerability

CVE-2002-1365 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses.

Learn more about our Web Application Penetration Testing UK.