CVE-2012-4507

NameCVE-2012-4507
DescriptionThe strchr function in procmime.c in Claws Mail (aka claws-mail) 3.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted email.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs690151

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
claws-mail (PTS)bullseye3.17.8-1fixed
bookworm4.1.1-2fixed
sid, trixie4.3.0-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
claws-mailsourcesqueeze3.7.6-4+squeeze1
claws-mailsource(unstable)3.8.1-2low690151

Notes

http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=2743
www.thewildbeast.co.uk/claws-mail/bugzilla/attachment.cgi?id=1165

Search for package or bug name: Reporting problems