CVE-2007-5740

EPSS 25.5%

perdition - format string vulnerability

Published: 10/31/2007Modified: 4/28/2026

Description

The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism.

Affected packages (3)

Debian/perditionfrom 0, < 1.17.1-1
Debian/perditionfrom 0, < 1.17-7etch1
Debian/perditionfrom 0, < 1.17-8+lenny1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-5740