CVE-2010-2494
bogofilter < 1.2.2 - Denial of Service via Base64 Decoder Buffer Underflow
Title source: llmDescription
Multiple buffer underflows in the base64 decoder in base64.c in (1) bogofilter and (2) bogolexer in bogofilter before 1.2.2 allow remote attackers to cause a denial of service (heap memory corruption and application crash) via an e-mail message with invalid base64 data that begins with an = (equals) character.
References (20)
Core 20
Core References
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046558.html
Patch mailing-list
x_refsource_mlist
http://marc.info/?l=oss-security&m=127840569013531&w=2
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/40427
Product x_refsource_confirm
http://bogofilter.sourceforge.net/security/bogofilter-SA-2010-01
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/41239
Product x_refsource_confirm
http://bogofilter.svn.sourceforge.net/viewvc/bogofilter/trunk/bogofilter/doc/bogofilter-SA-2010-01?revision=6909&pathrev=6909
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/66002
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00016.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00015.html
Mailing List mailing-list
x_refsource_mlist
http://marc.info/?l=oss-security&m=127844323105405&w=2
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00021.html
Patch x_refsource_confirm
http://bogofilter.svn.sourceforge.net/viewvc/bogofilter/trunk/bogofilter/src/base64.c?view=patch&r1=6906&r2=6903
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/2233
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/41339
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=611551
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046590.html
Mailing List mailing-list
x_refsource_mlist
http://marc.info/?l=oss-security&m=127814747231102&w=2
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-980-1
Mailing List mailing-list
x_refsource_mlist
http://marc.info/?l=oss-security&m=127831760712436&w=2
Scores
EPSS
0.0344
EPSS Percentile
87.6%
Details
CWE
CWE-119
Status
published
Products (14)
bogofilter/bogofilter
1.0.0
bogofilter/bogofilter
1.0.1
bogofilter/bogofilter
1.0.2
bogofilter/bogofilter
1.0.3
bogofilter/bogofilter
1.1.0
bogofilter/bogofilter
1.1.1
bogofilter/bogofilter
1.1.2
bogofilter/bogofilter
1.1.3
bogofilter/bogofilter
1.1.4
bogofilter/bogofilter
1.1.5
... and 4 more
Published
Jul 08, 2010
Tracked Since
Feb 18, 2026