GCVE - cpe:2.3:a:sendmail:sendmail:3.0.3:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:sendmail:sendmail:3.0.3:*:*:*:*:*:*:*

part: a version: 3.0.3 update: *

Vendor	Sendmail (`c8b2f50b-c776-57dd-b04e-872c5d7ad905`)
Product	Sendmail (`ad22b575-b05b-5921-b062-6676964a2b92`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2009-1490`	vulnerable	2026-06-08 04:51:23.429671	Details available Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header. Published: 2009-05-05T19:00:00.000Z Updated: 2024-08-07T05:13:25.560Z Open on db.gcve.eu Reference links http://www.sendmail.org/releases/8.13.2 http://www.nmrc.org/~thegnome/blog/apr09/ https://exchange.xforce.ibmcloud.com/vulnerabilities/50355	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2003-0694`	vulnerable	2026-06-08 04:47:22.237701	Details available The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. Published: 2003-09-18T04:00:00.000Z Updated: 2024-08-08T02:05:11.329Z Open on db.gcve.eu Reference links http://marc.info/?l=bugtraq&m=106398718909274&w=2 http://www.sendmail.org/8.12.10.html http://www.redhat.com/support/errata/RHSA-2003-283.html http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/4119.html http://www.cert.org/advisories/CA-2003-25.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2003-0681`	vulnerable	2026-06-08 04:47:22.183384	Details available A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. Published: 2003-09-18T04:00:00.000Z Updated: 2024-08-08T02:05:11.990Z Open on db.gcve.eu Reference links http://marc.info/?l=bugtraq&m=106398718909274&w=2 http://www.sendmail.org/8.12.10.html http://www.redhat.com/support/errata/RHSA-2003-283.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A595 http://www.mandriva.com/security/advisories?name=MDKSA-2003:092	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2003-0161`	vulnerable	2026-06-08 04:47:20.851974	Details available The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. Published: 2003-04-01T05:00:00.000Z Updated: 2024-08-08T01:43:36.017Z Open on db.gcve.eu Reference links http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1 ftp://patches.sgi.com/support/free/security/advisories/20030401-01-P http://www.securityfocus.com/bid/7230 http://marc.info/?l=bugtraq&m=104914999806315&w=2	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.