Search for vulnerabilities
Vulnerability details: VCID-rhgx-8qky-aaad
Vulnerability ID VCID-rhgx-8qky-aaad
Aliases CVE-2010-0562
Summary The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, when running in verbose mode on platforms for which char is signed, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an SSL X.509 certificate containing non-printable characters with the high bit set, which triggers a heap-based buffer overflow during escaping.
Status Published
Exploitability 0.5
Weighted Severity 6.1
Risk 3.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.01751 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.02215 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.06643 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.06643 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.06643 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.06643 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.09415 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.09415 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.09415 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.09415 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.09415 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.09415 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.09415 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.09415 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.09415 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
epss 0.09415 https://api.first.org/data/v1/epss?cve=CVE-2010-0562
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=561839
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2010-0562
Reference id Reference type URL
http://mknod.org/svn/fetchmail/branches/BRANCH_6-3/fetchmail-SA-2010-01.txt
http://osvdb.org/62114
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0562.json
https://api.first.org/data/v1/epss?cve=CVE-2010-0562
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0562
http://secunia.com/advisories/38391
http://www.fetchmail.info/fetchmail-SA-2010-01.txt
http://www.mandriva.com/security/advisories?name=MDVSA-2010:037
http://www.securityfocus.com/bid/38088
http://www.securitytracker.com/id?1023543
http://www.vupen.com/english/advisories/2010/0296
561839 https://bugzilla.redhat.com/show_bug.cgi?id=561839
cpe:2.3:a:fetchmail:fetchmail:6.3.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fetchmail:fetchmail:6.3.11:*:*:*:*:*:*:*
cpe:2.3:a:fetchmail:fetchmail:6.3.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fetchmail:fetchmail:6.3.12:*:*:*:*:*:*:*
cpe:2.3:a:fetchmail:fetchmail:6.3.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fetchmail:fetchmail:6.3.13:*:*:*:*:*:*:*
CVE-2010-0562 https://nvd.nist.gov/vuln/detail/CVE-2010-0562
GLSA-201006-12 https://security.gentoo.org/glsa/201006-12
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2010-0562
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.80884
EPSS Score 0.01751
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.