Unrated severityNVD Advisory· Published Jul 8, 2010· Updated Apr 29, 2026

CVE-2010-2494

Description

Multiple buffer underflows in the base64 decoder in base64.c in (1) bogofilter and (2) bogolexer in bogofilter before 1.2.2 allow remote attackers to cause a denial of service (heap memory corruption and application crash) via an e-mail message with invalid base64 data that begins with an = (equals) character.

Affected products

Bogofilter/Bogofilter14 versions
cpe:2.3:a:bogofilter:bogofilter:1.1.0:*:*:*:*:*:*:*+ 13 more
- cpe:2.3:a:bogofilter:bogofilter:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:bogofilter:bogofilter:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:bogofilter:bogofilter:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:bogofilter:bogofilter:1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:bogofilter:bogofilter:1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:bogofilter:bogofilter:1.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:bogofilter:bogofilter:1.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:bogofilter:bogofilter:1.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:bogofilter:bogofilter:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:bogofilter:bogofilter:*:*:*:*:*:*:*:*range: <=1.2.1
- cpe:2.3:a:bogofilter:bogofilter:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:bogofilter:bogofilter:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:bogofilter:bogofilter:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:bogofilter:bogofilter:1.0.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000