Published:2005/08/25 Last Updated:2008/05/21
JVN#23727054
Pochy denial-of-service (DoS) vulnerability
Overview
Pochy, email client software operating in the Microsoft Windows environment, contains a vulnerability that may cause the processing to stop while the CPU load is high and a denial-of-service (DoS) after receiving a specific string.
Products Affected
- Pochy 0.2.1a
Description
Impact
A remote attacker could exploit this vulnerability to cause a denial-of-service (DoS) attack by sending a specially crafted email to a Pochy user.
Solution
Vendor Status
| Vendor | Status | Last Update | Vendor Notes |
|---|---|---|---|
| Pochy project team | Unknown | 2005/08/25 |
| Vendor | Link |
| PochyProjectTeam |
http://pochy.sourceforge.jp/pukiwiki/pukiwiki.php?%A5%C0%A5%A6%A5%F3%A5%ED%A1%BC%A5%C9 |
References
JPCERT/CC Addendum
Credit
WAKAI Kazunao of Information-technology Promotion Agency, Japan reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory | |
| CPNI Advisory | |
| TRnotes | |
| CVE | |
| JVN iPedia |
JVNDB-2005-000787 |