← Back

CVE-2002-1337

nvd nist
Published: Mar 7, 2003Modified: Apr 16, 2026

JSON object

Loading...
10.0
Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 10.0 / Impact: 10.0
Source: NVD

Description

Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.

Affected (28)

Products: Sendmail: Sendmail · Gentoo: Linux · Hp: Alphaserver Sc, Hp Ux · +4 more
Show all products
Sendmail: Sendmail · Gentoo: Linux · Hp: Alphaserver Sc, Hp Ux · Netbsd: Netbsd · Oracle: Solaris · Sun: Sunos · Windriver: Bsdos, Platform Sa
Sendmail
1 product
Sendmail
Gentoo
1 product
Linux
Hp
2 products
Alphaserver Sc
Hp Ux
Netbsd
1 product
Netbsd
Oracle
1 product
Solaris
Sun
1 product
Sunos
Windriver
2 products
Bsdos
Platform Sa
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Sendmail
Sendmail
Before 8.9.3
Sendmail
From 8.10.0 to 8.11.6
Sendmail
From 8.12.0 to 8.12.8
Configuration B
25 vulnerable
Vulnerable SoftwareAffected Versions
Gentoo
Linux
Version 1.4 rc1
Linux
Version 1.4 rc2
Alphaserver Sc
All versions
Hp
Hp Ux
Version 10.10
Hp Ux
Version 10.20
Hp Ux
Version 11.0.4
Hp Ux
Version 11.00
Hp Ux
Version 11.11
Hp Ux
Version 11.22
Netbsd
Netbsd
Version 1.5.1
Netbsd
Version 1.5.2
Netbsd
Version 1.5.3
Netbsd
Version 1.5
Netbsd
Version 1.6
Oracle
Solaris
Version 2.6
Solaris
Version 7.0
Solaris
Version 8
Solaris
Version 9
Sun
Sunos
All versions
Sunos
Version 5.7
Sunos
Version 5.8
Windriver
Bsdos
Version 4.2
Bsdos
Version 4.3.1
Bsdos
Version 5.0
Platform Sa
Version 1.0

Related CWEs

CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (50)

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc (unsafe URL)
Source: cve@mitre.org
Broken Link
ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6 (unsafe URL)
Source: cve@mitre.org
Broken Link
ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5 (unsafe URL)
Source: cve@mitre.org
Broken Link
ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P (unsafe URL)
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken LinkPatchThird Party AdvisoryUS Government Resource
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken LinkPatchVendor Advisory
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Third Party AdvisoryUS Government Resource
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken LinkExploitPatchThird Party AdvisoryVDB EntryVendor Advisory
Source: cve@mitre.org
Broken LinkPatchVendor Advisory
Source: cve@mitre.org
Broken Link
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc (unsafe URL)
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6 (unsafe URL)
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5 (unsafe URL)
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P (unsafe URL)
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkPatchThird Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkExploitPatchThird Party AdvisoryVDB EntryVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link

Timeline

No history available yet.