The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x up to and including 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p" that cause an index increment error, which leads to out-of-bounds memory corruption.
Vulnerable Product |
---|
carnegie mellon university cyrus imap server 2.1.7 |
carnegie mellon university cyrus imap server 2.1.9 |
carnegie mellon university cyrus imap server 2.2.7 |
carnegie mellon university cyrus imap server 2.2.8 |
carnegie mellon university cyrus imap server 2.1.10 |
carnegie mellon university cyrus imap server 2.1.16 |
carnegie mellon university cyrus imap server 2.2.5 |
carnegie mellon university cyrus imap server 2.2.6 |
carnegie mellon university cyrus imap server 2.2.2_beta |
carnegie mellon university cyrus imap server 2.2.3 |
carnegie mellon university cyrus imap server 2.2.4 |
conectiva linux 9.0 |
carnegie mellon university cyrus imap server 2.2.0_alpha |
carnegie mellon university cyrus imap server 2.2.1_beta |
openpkg openpkg current |
conectiva linux 10.0 |
trustix secure linux 2.0 |
trustix secure linux 2.1 |
redhat fedora core core_2.0 |
redhat fedora core core_3.0 |
ubuntu ubuntu linux 4.1 |
trustix secure linux 2.2 |