FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

hcode -- buffer overflow in mail.c

Affected packages
ko-hcode < 2.1.3_2

Details

VuXML ID da4adc02-07f4-11ef-960d-5404a68ad561
Discovery 2024-04-29
Entry 2024-05-01

The openSUSE project reports:

The problematic function in question is putSDN() in mail.c. The static variable `cp` is used as an index for a fixed-sized buffer `ibuf`. There is a range check: `if ( cp >= HDR_BUF_LEN ) ...` but under certain circumstances, cp can be incremented beyond the buffer size, leading to a buffer overwrite.

References

CVE Name CVE-2024-34020
URL https://bugzilla.suse.com/show_bug.cgi?id=1223534