5
CVSSv2

CVE-2020-16118

Published: 29/07/2020 Updated: 31/07/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

In GNOME Balsa prior to 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imap_mbox_connect in libbalsa/imap/imap-handle.c.

Vulnerability Trend

Affected Products

Vendor Product Versions
GnomeBalsa2.5.0, 2.5.1, 2.5.3, 2.5.5, 2.5.6, 2.5.7, 2.5.8, 2.5.11