CyberSec.Space Logo
Back to CVE Browser

CVE-2004-2238

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.1830%
EPSS Percentile42.03th
PublishedDec 31, 2004
Last ModifiedApr 16, 2026

Vulnerability Description

Format string vulnerability in vsybase.c in vpopmail 5.4.2 and earlier has unknown impact and attack vectors. NOTE: in a followup post, it was observed that the source code used constants that, when compiled, became static format strings. Thus this is not a vulnerability

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2004-08/0226.html
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2004-08/0264.html
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2004-08/0286.html
πŸ”— http://www.osvdb.org/9147
πŸ”— http://www.securityfocus.com/bid/10962
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/17017
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2004-08/0226.html
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2004-08/0264.html

Related Vulnerabilities

CVE-2004-041810.0

serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow ...

CVE-2004-090410.0

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird...

CVE-2004-100610.0

Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via cer...

CVE-2004-129010.0

Buffer overflow in the process_moves function in pgn2web.c for pgn2web 0.3 allows remote attackers to execute arbitrary code via a...