[原文]Off-by-one error in the POP3_readmsg function in popclient 3.0b6 allows remote attackers to cause a denial of service (application crash) via an e-mail message with a certain line length, which leads to a buffer overflow.
This issue has been disclosed by Dean White <email@example.com>.
popclient popclient 3.0 b6
It has been reported that popclient is affected by an off by one buffer overflow vulnerability. This issue is due to a failure of the application to properly manage static stack-based buffers.
Successful exploitation of this issue may cause a denial of service condition in the affected application; it is unlikely that this issue could be leveraged to execute code, however it may be possible.
No exploit is required to leverage this issue.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: firstname.lastname@example.org <mailto:email@example.com>.