Unrated severityNVD Advisory· Published Oct 31, 2007· Updated Apr 23, 2026

CVE-2007-5740

Description

The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism.

Affected products

Vergenet/Perdition Mail Retrieval Proxy
cpe:2.3:a:vergenet:perdition_mail_retrieval_proxy:*:*:*:*:*:*:*:*
Range: <=1.17

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

archives.neohapsis.com/archives/fulldisclosure/2007-10/0889.htmlnvdPatch
secunia.com/advisories/27458nvdVendor Advisory
secunia.com/advisories/27520nvdVendor Advisory
www.debian.org/security/2007/dsa-1398nvd
www.sec-consult.com/300.htmlnvd
www.securityfocus.com/archive/1/483034/100/0/threadednvd
www.securityfocus.com/bid/26270nvd
www.securitytracker.com/idnvd
www.vergenet.net/linux/perdition/ChangeLog.shtmlnvd
www.vupen.com/english/advisories/2007/3677nvd
exchange.xforce.ibmcloud.com/vulnerabilities/38184nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.020
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000