This CPE summary could be partial or incomplete. Please contact us for a detailed listing.


Vendor Sylpheed First view 2005-03-07
Product Sylpheed Last view 2007-03-06
Version 0.9.99 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
CPE Product cpe:2.3:a:sylpheed:sylpheed

Activity : Overall

Related : CVE

  Date Alert Description
5 2007-03-06 CVE-2007-1267

Sylpheed 2.2.7 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Sylpheed from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection.

2.6 2006-06-08 CVE-2006-2920

Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check functionality and makes it easier to conduct phishing attacks via a URI that begins with a space character.

5.1 2005-03-07 CVE-2005-0667

Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message.

CWE : Common Weakness Enumeration

100% (1) CWE-20 Improper Input Validation

Open Source Vulnerability Database (OSVDB)

id Description
33502 Multiple Mail Client --status-fd GnuPG Invocation Spoofed Content Weakness
26229 Sylpheed Unspecified URI Check Bypass
14570 Sylpheed Message Header Processing Overflow

OpenVAS Exploits

id Description
2008-09-24 Name : Gentoo Security Advisory GLSA 200503-26 (sylpheed sylpheed-claws)
File : nvt/glsa_200503_26.nasl
2008-09-04 Name : FreeBSD Ports: sylpheed, sylpheed-claws, sylpheed-gtk2
File : nvt/freebsd_sylpheed.nasl

Nessus® Vulnerability Scanner

id Description
2007-11-10 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-432-1.nasl - Type: ACT_GATHER_INFO
2007-03-12 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2007-059.nasl - Type: ACT_GATHER_INFO
2005-09-12 Name: The remote Fedora Core host is missing a security update.
File: fedora_2005-211.nasl - Type: ACT_GATHER_INFO
2005-07-13 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_f85361439bc411d9b8b3000a95bc6fae.nasl - Type: ACT_GATHER_INFO
2005-05-19 Name: The remote Fedora Core host is missing a security update.
File: fedora_2005-224.nasl - Type: ACT_GATHER_INFO
2005-03-21 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200503-26.nasl - Type: ACT_GATHER_INFO
2005-03-18 Name: The remote Red Hat host is missing a security update.
File: redhat-RHSA-2005-303.nasl - Type: ACT_GATHER_INFO