CVE-2010-2725
EPSS 1.5%barnowl - arbitrary code execution
發布日:2010/8/5修改日:2026/4/28
也稱為:DEBIAN-CVE-2010-2725
描述
BarnOwl before 1.6.2 does not check the return code of calls to the (1) ZPending and (2) ZReceiveNotice functions in libzephyr, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
受影響套件(2)
- Debian/barnowlfrom 0, < 1.6.2-1
- Debian/barnowlfrom 0, < 1.0.1-4+lenny2