Qualcomm: >> Qpopper >> 4.0.4 Security Vulnerabilities
Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program.
CVSS Score
3.6
EPSS Score
0.001
Published
2003-12-31
The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer overflow in a mdef command with a long macro name.
CVSS Score
10.0
EPSS Score
0.091
Published
2003-03-18
Buffer overflow in Qpopper (popper) 4.0.4 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a long bulldir argument in the user's .qpopper-options configuration file.
CVSS Score
4.6
EPSS Score
0.001
Published
2002-10-04