CVE-2010-0793 - Vulnerability Details - OpenCVE

Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted CC: header.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Barnowl	Barnowl

Configuration 1 [-]

OR	cpe:2.3:a:barnowl:barnowl::::::::
	cpe:2.3:a:barnowl:barnowl:1.0.0:::::::*
	cpe:2.3:a:barnowl:barnowl:1.0.1:::::::*
	cpe:2.3:a:barnowl:barnowl:1.0.2:::::::*
	cpe:2.3:a:barnowl:barnowl:1.0.2.1:::::::*
	cpe:2.3:a:barnowl:barnowl:1.0.3:::::::*
	cpe:2.3:a:barnowl:barnowl:1.0.4:::::::*
	cpe:2.3:a:barnowl:barnowl:1.0.4.1:::::::*
	cpe:2.3:a:barnowl:barnowl:1.0.5:::::::*
	cpe:2.3:a:barnowl:barnowl:1.1:::::::*
	cpe:2.3:a:barnowl:barnowl:1.1.1:::::::*
	cpe:2.3:a:barnowl:barnowl:1.2:::::::*
	cpe:2.3:a:barnowl:barnowl:1.2.1:::::::*
	cpe:2.3:a:barnowl:barnowl:1.3:::::::*
	cpe:2.3:a:barnowl:barnowl:1.4:::::::*
	cpe:2.3:a:barnowl:barnowl:1.4:rc1::::::
	cpe:2.3:a:barnowl:barnowl:1.5:rc1::::::
	cpe:2.3:a:barnowl:barnowl:1.5:rc2::::::

No data.

References

Link	Providers
http://barnowl.mit.edu/wiki/barnowl-1.5.1-announce
http://secunia.com/advisories/39908
http://www.debian.org/security/2010/dsa-2049
http://www.vupen.com/english/advisories/2010/1218

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-03-16T19:00:00

Updated: 2024-08-07T00:59:39.194Z

Reserved: 2010-03-02T00:00:00

Link: CVE-2010-0793

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2010-03-16T19:30:00.463

Modified: 2025-04-11T00:51:21.963

Link: CVE-2010-0793

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-03-02T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted CC: header."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2010-04-30T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2010-1218", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/1218"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://barnowl.mit.edu/wiki/barnowl-1.5.1-announce"}, {"name": "DSA-2049", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2010/dsa-2049"}, {"name": "39908", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/39908"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-0793", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted CC: header."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2010-1218", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/1218"}, {"name": "http://barnowl.mit.edu/wiki/barnowl-1.5.1-announce", "refsource": "CONFIRM", "url": "http://barnowl.mit.edu/wiki/barnowl-1.5.1-announce"}, {"name": "DSA-2049", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2010/dsa-2049"}, {"name": "39908", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/39908"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:59:39.194Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2010-1218", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/1218"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://barnowl.mit.edu/wiki/barnowl-1.5.1-announce"}, {"name": "DSA-2049", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2010/dsa-2049"}, {"name": "39908", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/39908"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-0793", "datePublished": "2010-03-16T19:00:00", "dateReserved": "2010-03-02T00:00:00", "dateUpdated": "2024-08-07T00:59:39.194Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:barnowl:barnowl:*:*:*:*:*:*:*:*", "matchCriteriaId": "D30059EB-D2ED-43B1-9B1D-70FBEB4026DC", "versionEndIncluding": "1.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:barnowl:barnowl:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "CB114CBB-A7D7-424E-A8BC-56F4BCAECEE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:barnowl:barnowl:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "171619E8-3E32-4929-8944-2EC4A84CA988", "vulnerable": true}, {"criteria": "cpe:2.3:a:barnowl:barnowl:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "684E559B-F7D9-471A-909C-2C40D301D0D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:barnowl:barnowl:1.0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D9E30BFA-5340-4FFA-AA0F-B4AE2F3AF366", "vulnerable": true}, {"criteria": "cpe:2.3:a:barnowl:barnowl:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0843A975-D31A-4EB0-8864-8F06298F2AB7", "vulnerable": true}, {"criteria": "cpe:2.3:a:barnowl:barnowl:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "9BA91149-6A01-4F7A-9488-DA340A46F1FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:barnowl:barnowl:1.0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "2C132719-F8DC-46D8-B289-812D576C47F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:barnowl:barnowl:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "F59E78B1-21D0-4400-B321-640046B613E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:barnowl:barnowl:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "810545B7-0F12-401F-A157-D158A6E5DAA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:barnowl:barnowl:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "EDF4CC20-4C4B-4904-94FF-C0A1830BBBA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:barnowl:barnowl:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "F6F57190-DE0A-42A9-B596-1A627E10C094", "vulnerable": true}, {"criteria": "cpe:2.3:a:barnowl:barnowl:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "47644F1C-BC76-49A9-AA8D-44C1B5D47BC5", "vulnerable": true}, {"criteria": "cpe:2.3:a:barnowl:barnowl:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "66DECEAC-623D-4ADF-AD97-D3152F6B6600", "vulnerable": true}, {"criteria": "cpe:2.3:a:barnowl:barnowl:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "2E1E88F5-7541-4002-BF3E-C5EDC8648E8E", "vulnerable": true}, {"criteria": "cpe:2.3:a:barnowl:barnowl:1.4:rc1:*:*:*:*:*:*", "matchCriteriaId": "A9032222-09C3-4E01-8008-54E03940EDBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:barnowl:barnowl:1.5:rc1:*:*:*:*:*:*", "matchCriteriaId": "AF534CFB-EBC0-4284-A047-C0D009BF2864", "vulnerable": true}, {"criteria": "cpe:2.3:a:barnowl:barnowl:1.5:rc2:*:*:*:*:*:*", "matchCriteriaId": "1C2DA825-7B06-4368-B0E2-FBC7B86097F7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted CC: header."}, {"lang": "es", "value": "Desbordamiento de Buffer en BarnOwl anterior v1.5.1 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) y probablemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de la cabecera CC: manipulada."}], "id": "CVE-2010-0793", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-03-16T19:30:00.463", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://barnowl.mit.edu/wiki/barnowl-1.5.1-announce"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/39908"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2010/dsa-2049"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2010/1218"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://barnowl.mit.edu/wiki/barnowl-1.5.1-announce"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/39908"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2010/dsa-2049"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/1218"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}