Vulnerability Description
The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows remote attackers to cause a denial of service (application crash) via mail headers that cause a line feed (LF) to be replaced by a null byte that is written to an incorrect memory address.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bogofilter | Email Filter | 0.9.0.3 |
| Ubuntu | Ubuntu Linux | 4.1 |
References
- http://bogofilter.sourceforge.net/security/bogofilter-SA-2004-01
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17916
- http://bogofilter.sourceforge.net/security/bogofilter-SA-2004-01
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17916
FAQ
What is CVE-2004-1007?
CVE-2004-1007 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows remote attackers to cause a denial of service (application crash) via mail headers that cause a line feed (LF) to be replaced by a nu...
How severe is CVE-2004-1007?
CVE-2004-1007 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1007?
Check the references section above for vendor advisories and patch information. Affected products include: Bogofilter Email Filter, Ubuntu Ubuntu Linux.