The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x up to and including 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands, such as (1) "body[p", (2) "binary[p", or (3) "binary[p", that cause an index increment error leading to out-of-bounds memory corruption.
Vulnerable Product |
---|
carnegie mellon university cyrus imap server 2.2.6 |
carnegie mellon university cyrus imap server 2.1.10 |
conectiva linux 9.0 |
carnegie mellon university cyrus imap server 2.2.8 |
carnegie mellon university cyrus imap server 2.2.0 alpha |
carnegie mellon university cyrus imap server 2.1.9 |
carnegie mellon university cyrus imap server 2.2.5 |
carnegie mellon university cyrus imap server 2.2.2 beta |
openpkg openpkg current |
carnegie mellon university cyrus imap server 2.1.16 |
carnegie mellon university cyrus imap server 2.2.7 |
carnegie mellon university cyrus imap server 2.2.3 |
conectiva linux 10.0 |
carnegie mellon university cyrus imap server 2.2.1 beta |
carnegie mellon university cyrus imap server 2.1.7 |
carnegie mellon university cyrus imap server 2.2.4 |
redhat fedora core core 2.0 |
trustix secure linux 2.0 |
ubuntu ubuntu linux 4.1 |
trustix secure linux 2.1 |
trustix secure linux 2.2 |
redhat fedora core core 3.0 |