7.5
CVE-2002-1580
- EPSS 16.52%
- Veröffentlicht 14.06.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:59:35
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Carnegie Mellon University ≫ Cyrus Imap Server Version1.4
Carnegie Mellon University ≫ Cyrus Imap Server Version1.5.19
Carnegie Mellon University ≫ Cyrus Imap Server Version2.0.12
Carnegie Mellon University ≫ Cyrus Imap Server Version2.0.16
Carnegie Mellon University ≫ Cyrus Imap Server Version2.1.9
Carnegie Mellon University ≫ Cyrus Imap Server Version2.1.10
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 16.52% | 0.966 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000557
http://www.debian.org/security/2002/dsa-215
http://asg.web.cmu.edu/cyrus/download/imapd/changes.html
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000557
http://www.kb.cert.org/vuls/id/740169
http://www.securityfocus.com/archive/1/301864
http://www.securityfocus.com/bid/6298
https://exchange.xforce.ibmcloud.com/vulnerabilities/10744