The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and previous versions allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
carnegie mellon university cyrus imap server 2.2.6 |
||
carnegie mellon university cyrus imap server 2.1.10 |
||
conectiva linux 9.0 |
||
carnegie mellon university cyrus imap server 2.2.8 |
||
carnegie mellon university cyrus imap server 2.2.0 alpha |
||
carnegie mellon university cyrus imap server 2.1.9 |
||
carnegie mellon university cyrus imap server 2.2.5 |
||
carnegie mellon university cyrus imap server 2.2.2 beta |
||
openpkg openpkg current |
||
carnegie mellon university cyrus imap server 2.1.16 |
||
carnegie mellon university cyrus imap server 2.2.7 |
||
carnegie mellon university cyrus imap server 2.2.3 |
||
conectiva linux 10.0 |
||
carnegie mellon university cyrus imap server 2.2.1 beta |
||
carnegie mellon university cyrus imap server 2.1.7 |
||
carnegie mellon university cyrus imap server 2.2.4 |
||
redhat fedora core core 2.0 |
||
trustix secure linux 2.0 |
||
ubuntu ubuntu linux 4.1 |
||
trustix secure linux 2.1 |
||
trustix secure linux 2.2 |
||
redhat fedora core core 3.0 |