VYPR
Unrated severityNVD Advisory· Published May 22, 2006· Updated Jun 16, 2026

CVE-2006-1520

CVE-2006-1520

Description

Format string vulnerability in ANSI C Sender Policy Framework library (libspf) before 1.0.0-p5, when debugging is enabled, allows remote attackers to execute arbitrary code via format string specifiers, possibly in an e-mail address.

Affected products

2
  • Libspf/Libspf2 versions
    cpe:2.3:a:libspf:libspf:1.0.0_p4:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:libspf:libspf:1.0.0_p4:*:*:*:*:*:*:*
    • (no CPE)range: <1.0.0-p5

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.