CVE DATABASE / CVE-2002-1337
CVE-2002-1337
CVSS 10 · HIGH
Summary
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
CVSS 2.0 breakdown
| Base score | 10 (HIGH) |
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Confidentiality | COMPLETE |
| Integrity | COMPLETE |
| Availability | COMPLETE |
Weakness type (CWE)
Affected products
Sendmail sendmailHp alphaserver scGentoo linuxHp hp-uxNetbsd netbsdOracle solarisSun sunosWindriver bsdosWindriver platform sa
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc
- ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6
- ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5
- ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000571
- http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028
- http://marc.info/?l=bugtraq&m=104673778105192&w=2
- http://marc.info/?l=bugtraq&m=104678739608479&w=2
- http://marc.info/?l=bugtraq&m=104678862109841&w=2
- http://marc.info/?l=bugtraq&m=104678862409849&w=2
- http://marc.info/?l=bugtraq&m=104679411316818&w=2
- http://www-1.ibm.com/support/search.wss?rs=0&q=IY40500&apar=only
- http://www-1.ibm.com/support/search.wss?rs=0&q=IY40501&apar=only
- http://www-1.ibm.com/support/search.wss?rs=0&q=IY40502&apar=only
- http://www.cert.org/advisories/CA-2003-07.html
Data: NIST NVD. NVD last modified 2026-04-16. Always verify against the vendor advisory before acting.