CVE-2012-5468

Heap-based buffer overflow in iconvert.c in the bogolexer component in Bogofilter before 1.2.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an email containing a base64 string that is decoded to incomplete multibyte characters.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
VendorProductVersion
bogofilter_projectbogofilter
𝑥
≤ 1.2.2
bogofilter_projectbogofilter
1.0.0
bogofilter_projectbogofilter
1.0.1
bogofilter_projectbogofilter
1.0.2
bogofilter_projectbogofilter
1.0.3
bogofilter_projectbogofilter
1.1.0
bogofilter_projectbogofilter
1.1.1
bogofilter_projectbogofilter
1.1.2
bogofilter_projectbogofilter
1.1.3
bogofilter_projectbogofilter
1.1.4
bogofilter_projectbogofilter
1.1.5
bogofilter_projectbogofilter
1.1.6
bogofilter_projectbogofilter
1.1.7
bogofilter_projectbogofilter
1.2.0
bogofilter_projectbogofilter
1.2.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
bogofilter
sid
1.2.5-1
fixed
trixie
1.2.5-1
fixed
bookworm
1.2.5-1
fixed
bullseye
1.2.5-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
bogofilter
quantal
Fixed 1.2.2+dfsg1-1ubuntu0.12.10.1
released
precise
Fixed 1.2.2+dfsg1-1ubuntu0.12.04.1
released
oneiric
Fixed 1.2.2-3ubuntu1.1
released
lucid
Fixed 1.2.1-0ubuntu1.2
released
hardy
ignored
Common Weakness Enumeration
References
http://bogofilter.sourceforge.net/security/bogofilter-SA-2012-01
http://bogofilter.svn.sourceforge.net/viewvc/bogofilter?view=revision&revision=6973
http://bogofilter.svn.sourceforge.net/viewvc/bogofilter?view=revision&revision=6975
http://secunia.com/advisories/51334
http://secunia.com/advisories/51521
http://www.debian.org/security/2012/dsa-2585
http://www.mandriva.com/security/advisories?name=MDVSA-2013:064
http://www.openwall.com/lists/oss-security/2012/12/03/13
http://www.securityfocus.com/bid/56804
https://bugzilla.redhat.com/show_bug.cgi?id=883358
https://exchange.xforce.ibmcloud.com/vulnerabilities/80524
http://bogofilter.sourceforge.net/security/bogofilter-SA-2012-01
http://bogofilter.svn.sourceforge.net/viewvc/bogofilter?view=revision&revision=6973
http://bogofilter.svn.sourceforge.net/viewvc/bogofilter?view=revision&revision=6975
http://secunia.com/advisories/51334
http://secunia.com/advisories/51521
http://www.debian.org/security/2012/dsa-2585
http://www.mandriva.com/security/advisories?name=MDVSA-2013:064
http://www.openwall.com/lists/oss-security/2012/12/03/13
http://www.securityfocus.com/bid/56804
https://bugzilla.redhat.com/show_bug.cgi?id=883358
https://exchange.xforce.ibmcloud.com/vulnerabilities/80524