CVE-2002-1337

Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.

Published: Mar 7, 2003
Updated: Apr 13, 2023
CVE: CVE-2002-1337
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-120

Affected Software
References

Software	From	Fixed in
netbsd / netbsd	1.5.3	1.5.3.x
netbsd / netbsd	1.6	1.6.x
hp / hp-ux	11.11	11.11.x
netbsd / netbsd	1.5	1.5.x
windriver / bsdos	4.2	4.2.x
sun / sunos	5.7	5.7.x
sun / sunos	5.8	5.8.x
gentoo / linux	1.4-rc1	1.4-rc1.x
hp / hp-ux	11.00	11.00.x
windriver / bsdos	5.0	5.0.x
netbsd / netbsd	1.5.1	1.5.1.x
hp / hp-ux	11.0.4	11.0.4.x
hp / hp-ux	11.22	11.22.x
netbsd / netbsd	1.5.2	1.5.2.x
hp / hp-ux	10.20	10.20.x
gentoo / linux	1.4-rc2	1.4-rc2.x
windriver / platform_sa	1.0	1.0.x
hp / hp-ux	10.10	10.10.x
windriver / bsdos	4.3.1	4.3.1.x
hp / alphaserver_sc	-	-
sendmail / sendmail	8.10.0	8.11.6
sendmail / sendmail	-	8.9.3
sendmail / sendmail	8.12.0	8.12.8
oracle / solaris	8	8.x
oracle / solaris	9	9.x
oracle / solaris	7.0	7.0.x
oracle / solaris	2.6	2.6.x

Vulnerability Database

289,599

CVE-2002-1337