CVE-2002-1043

Ultrafunk Popcorn 1.20 - Denial of Service via Malformed Subject Header

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-1043. PoCs published by Auriemma Luigi.

AI-analyzed exploit summary The exploit describes a denial of service vulnerability in Ultrafunk Popcorn email client, triggered by malformed messages with excessive data or malformed subject fields, or dates with years beyond 2037.

Description

Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) via a malformed Subject ("\t\t").

Exploits (1)

exploitdb WRITEUP VERIFIED

by Auriemma Luigi · textdoswindows

https://www.exploit-db.com/exploits/21612

View Code ZIP pw:eip

The exploit describes a denial of service vulnerability in Ultrafunk Popcorn email client, triggered by malformed messages with excessive data or malformed subject fields, or dates with years beyond 2037.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Ultrafunk Popcorn email client

No auth needed

Prerequisites: Ability to send malformed email messages to the target

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Patch, Vendor Advisory vdb-entry x_refsource_xf

http://www.iss.net/security_center/static/9547.php

Third Party Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2002-07/0117.html

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/5212

Scores

EPSS 0.0328

EPSS Percentile 86.8%

Details

Status published

Products (1)

ultrafunk/popcorn 1.20

Published Oct 04, 2002

Tracked Since Feb 18, 2026