=========================================================== Ubuntu Security Notice USN-240-1 January 11, 2006 bogofilter vulnerability CVE-2005-4591 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.10 (Breezy Badger) The following packages are affected: bogofilter The problem can be corrected by upgrading the affected package to version 0.95.2-1ubuntu1.1. In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: A buffer overflow was found in bogofilter's character set conversion handling. Certain invalid UTF-8 character sequences caused an invalid memory access. By sending a specially crafted email, a remote attacker could exploit this to crash bogofilter or possibly even execute arbitrary code with bogofilter's privileges.