10
CVE-2004-1012
- EPSS 10.25%
- Published 10.01.2005 05:00:00
- Last modified 03.04.2025 01:03:51
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption.Data is provided by the National Vulnerability Database (NVD)
Carnegie Mellon University ≫ Cyrus Imap Server Version2.1.7
Carnegie Mellon University ≫ Cyrus Imap Server Version2.1.9
Carnegie Mellon University ≫ Cyrus Imap Server Version2.1.10
Carnegie Mellon University ≫ Cyrus Imap Server Version2.1.16
Carnegie Mellon University ≫ Cyrus Imap Server Version2.2.0_alpha
Carnegie Mellon University ≫ Cyrus Imap Server Version2.2.1_beta
Carnegie Mellon University ≫ Cyrus Imap Server Version2.2.2_beta
Carnegie Mellon University ≫ Cyrus Imap Server Version2.2.3
Carnegie Mellon University ≫ Cyrus Imap Server Version2.2.4
Carnegie Mellon University ≫ Cyrus Imap Server Version2.2.5
Carnegie Mellon University ≫ Cyrus Imap Server Version2.2.6
Carnegie Mellon University ≫ Cyrus Imap Server Version2.2.7
Carnegie Mellon University ≫ Cyrus Imap Server Version2.2.8
Redhat ≫ Fedora Core Versioncore_2.0
Redhat ≫ Fedora Core Versioncore_3.0
Trustix ≫ Secure Linux Version2.0
Trustix ≫ Secure Linux Version2.1
Trustix ≫ Secure Linux Version2.2
Ubuntu ≫ Ubuntu Linux Version4.1 Editionia64
Ubuntu ≫ Ubuntu Linux Version4.1 Editionppc
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 10.25% | 0.924 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|