6.8
CVSSv2

CVE-2007-5007

Published: 12/12/2007 Updated: 08/03/2011
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Stack-based buffer overflow in the ir_fetch_seq function in balsa prior to 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command.

Affected Products

Vendor Product Versions
GnomeBalsa1.1.7, 1.2.4, 1.4, 1.4.3, 2.0.6, 2.0.10, 2.0.16, 2.0.17, 2.0.18, 2.1, 2.1.1, 2.1.2, 2.1.3, 2.1.90, 2.1.91, 2.2, 2.2.1, 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.6, 2.3, 2.3.1, 2.3.2, 2.3.3, 2.3.4, 2.3.5, 2.3.6, 2.3.7, 2.3.8, 2.3.10, 2.3.11, 2.3.12, 2.3.13, 2.3.14, 2.3.15, 2.3.16, 2.3.17, 2.3.19