https://www.exploit-db.com/exploits/21612
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200210-152

UltrafunkPopcorn是一款已经长久没有维护的EMAIL客户端，使用在MicrosoftWindows操作系统下。UltrafunkPopcorn在处理邮件时对数据缺少正确处理，导致远程攻击者可以利用这些漏洞进行拒绝服务攻击。UltrafunkPopcorn存在3个漏洞，可以导致远程攻击者对UltrafunkPopcorn进行拒绝服务攻击：1，如果攻击者发送包含tt字符的’Subject’字段的邮件，当UltrafunkPopcorn处理时，可导致程序崩溃。2，如果攻击者发送包含超过490个字节字符的’Subject’字段邮件，当UltrafunkPopcorn处理时，可导致程序崩溃。3，当邮件接收到时，对日期(date)字段的管理存在问题，当攻击者发送日期(date)字段中包含超过2037年的值，UltrafunkPopcorn处理时，可导致程序崩溃。

source: http://www.securityfocus.com/bid/5212/info

Ultrafunk Popcorn email client is designed for Microsoft Windows systems and is no longer being maintained.

It has been reported that Popcorn email client will stop responding when attempting to open malformed messages.

Reportedly, a message containing an unusual amount of data or a malformed string of characters in the subject field will initiate a denial of service. This has also been known to occur when the date field of a mail message has the year specified higher than 2037. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/21612.tgz

来源:BID
名称:5212
链接:http://www.securityfocus.com/bid/5212
来源:XF
名称:popcorn-mail-dos(9547)
链接:http://www.iss.net/security_center/static/9547.php
来源:BUGTRAQ
名称:20020711Popcornvulnerabilities
链接:http://archives.neohapsis.com/archives/bugtraq/2002-07/0117.html