Vulmon Recent Vulnerabilities Trends Blog About Contact

imap vulnerabilities and exploits

(subscribe to this query)

5
CVSSv2
CVE-2001-1154
Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service (hang) using PHP IMAP clients....
7.5
CVSSv2
CVE-2004-0669
Lotus Domino 6.5.0 and 6.5.1, with IMAP enabled, allows remote authenticated users to change their quota by using the IMAP setquota command....
7.8
CVSSv2
CVE-2007-0221
Integer overflow in the IMAP (IMAP4) support in Microsoft Exchange Server 2000 SP3 allows remote attackers to cause a denial of service (service hang) via crafted literals in an IMAP command, aka the "IMAP Literal Processing Vulnerability."...
5
CVSSv2
CVE-2006-0377
CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimap_mailbox_select command, aka "IMAP injection."...
6.4
CVSSv2
CVE-2017-1000257
An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. libcurl's deliver-data...
7.5
CVSSv2
CVE-2000-0053
Microsoft Commercial Internet System (MCIS) IMAP server allows remote attackers to cause a denial of service via a malformed IMAP request....
10
CVSSv2
CVE-2000-0233
SuSE Linux IMAP server allows remote attackers to bypass IMAP authentication and gain privileges....
10
CVSSv2
CVE-2005-3640
Multiple buffer overflows in the IMAP Groupware Mail server of Floosietek FTGate (FTGate4) 4.1 allow remote attackers to execute arbitrary code via long arguments to various IMAP commands, as demonstrated with the EXAMINE command....
10
CVSSv2
CVE-1999-0005
Arbitrary command execution via IMAP buffer overflow in authenticate command....
7.5
CVSSv2
CVE-2018-14351
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a long IMAP status mailbox literal count size....
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
gophishCVE-2020-7384CVE-2020-16261server-side request forgerylogic flawcross-site request forgeryCVE-2020-5932sterling connect\oscommerceibmCVE-2020-16939CVE-2020-27648CVE-2020-15999