Page 2 of 7 results (0.003 seconds)

CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2014-2576

https://notcve.org/view.php?id=CVE-2014-2576

plugins/rssyl/feed.c in Claws Mail before 3.10.0 disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks. plugins/rssyl/feed.c en Claws Mail anterior a 3.10.0 deshabilita el check CURLOPT_SSL_VERYHOST para un los campos de nombre de anfitrión en CN o SAN, lo cual facilita a atacantes remotos la suplantación de servidores y la ejecución de ataques man-in-the-middle (MITM). • http://lists.opensuse.org/opensuse-updates/2014-10/msg00015.html http://seclists.org/oss-sec/2014/q1/636 http://secunia.com/advisories/60422 http://sourceforge.net/p/claws-mail/news/2014/05/claws-mail-3100-unleashed http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3106 • CWE-310: Cryptographic Issues •

CVSS: 5.0EPSS: 5%CPEs: 1EXPL: 0

CVE-2012-4507

https://notcve.org/view.php?id=CVE-2012-4507

The strchr function in procmime.c in Claws Mail (aka claws-mail) 3.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted email. La función strchr en procmime.c en Claws Mail (alias claws-mail) v3.8.1 permite a atacantes remotos provocar una denegación de servicio (desreferencia de puntero NULL y caída) mediante un correo electrónico modificado. • http://lists.opensuse.org/opensuse-updates/2012-10/msg00064.html http://www.openwall.com/lists/oss-security/2012/10/09/1 http://www.openwall.com/lists/oss-security/2012/10/09/3 http://www.openwall.com/lists/oss-security/2012/10/10/3 http://www.securityfocus.com/bid/55837 http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=2743 https://bugzilla.redhat.com/show_bug.cgi?id=862578 •