CVE-2012-4507

Published: Oct 22, 2012Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The strchr function in procmime.c in Claws Mail (aka claws-mail) 3.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted email.

Affected (1)

Products: Claws Mail: Claws Mail

Claws Mail

1 product

Claws Mail

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Claws Mail Claws Mail	Version 3.8.1

References (14)

http://lists.opensuse.org/opensuse-updates/2012-10/msg00064.html

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2012/10/09/1

Source: secalert@redhat.com

Patch

http://www.openwall.com/lists/oss-security/2012/10/09/3

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2012/10/10/3

Source: secalert@redhat.com

http://www.securityfocus.com/bid/55837

Source: secalert@redhat.com

http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=2743

Source: secalert@redhat.com

Patch

https://bugzilla.redhat.com/show_bug.cgi?id=862578

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-updates/2012-10/msg00064.html