GCVE - cpe:2.3:a:sendmail:sendmail:5.59:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:sendmail:sendmail:5.59:*:*:*:*:*:*:*

part: a version: 5.59 update: *

Vendor	Sendmail (`c8b2f50b-c776-57dd-b04e-872c5d7ad905`)
Product	Sendmail (`ad22b575-b05b-5921-b062-6676964a2b92`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2009-4565`	vulnerable	2026-06-08 04:51:48.911694	Details available sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. Published: 2010-01-04T21:00:00.000Z Updated: 2024-08-07T07:08:38.091Z Open on db.gcve.eu Reference links http://secunia.com/advisories/38314 http://security.gentoo.org/glsa/glsa-201206-30.xml http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021797.1-1 http://secunia.com/advisories/39088 http://www.vupen.com/english/advisories/2009/3661	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-1490`	vulnerable	2026-06-08 04:51:23.432069	Details available Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header. Published: 2009-05-05T19:00:00.000Z Updated: 2024-08-07T05:13:25.560Z Open on db.gcve.eu Reference links http://www.sendmail.org/releases/8.13.2 http://www.nmrc.org/~thegnome/blog/apr09/ https://exchange.xforce.ibmcloud.com/vulnerabilities/50355	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-1999-1580`	vulnerable	2026-06-08 04:44:58.348679	Details available SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option. Published: 2005-04-21T04:00:00.000Z Updated: 2024-08-01T17:18:07.526Z Open on db.gcve.eu Reference links http://www.kb.cert.org/vuls/id/3278 http://www.cert.org/advisories/CA-95.11.sun.sendmail-oR.vul http://www.securityfocus.com/bid/7829 http://www.auscert.org.au/render.html?it=1853&cid=1978 http://www.alw.nih.gov/Security/8lgm/8lgm-Advisory-21.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.