First published: Fri Dec 31 2004(Updated: )
Buffer overflow in pop3.c in gnubiff before 2.0.0 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Gnu Gnubiff | =1.2.0 | |
Gnu Gnubiff | =1.0.6 | |
Gnu Gnubiff | =1.0.7 | |
Gnu Gnubiff | =1.0.5 | |
Gnu Gnubiff | =1.0.3 | |
Gnu Gnubiff | =1.4.0 | |
Gnu Gnubiff | =1.0.10 | |
Gnu Gnubiff | =1.0.9 | |
Gnu Gnubiff | =1.0.8 | |
Gnu Gnubiff | =1.0.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2004-2461 is classified as a high-severity vulnerability due to its potential to cause denial of service and execute arbitrary code.
To address CVE-2004-2461, upgrade to Gnubiff version 2.0.0 or later.
CVE-2004-2461 affects multiple versions of Gnubiff, specifically versions 1.0.3 through 1.4.0.
CVE-2004-2461 is a buffer overflow vulnerability which can lead to crashes or arbitrary code execution.
Yes, CVE-2004-2461 can be exploited remotely, allowing attackers to crash the service or potentially execute malicious code.