CVE-2008-3962
EPSS 0.61%
Description
The from_format function in ssmtp.c in ssmtp 2.61 and 2.62, in certain configurations, uses uninitialized memory for the From: field of an e-mail message, which might allow remote attackers to obtain sensitive information (memory contents) in opportunistic circumstances by reading a message.
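How to fix CVE-2008-3962
To fix CVE-2008-3962, upgrade the affected packages to the patched versions listed below.
- Debian/ssmtp: upgrade to 2.62-1.1 or later
Is CVE-2008-3962 being exploited?
Low: EPSS is 0.6%, and no large-scale exploitation activity has been observed so far.
Affected packages (1)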
- from 0, < 2.62-1.1