10

CVE-2004-1012

The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpenpkgOpenpkg Versioncurrent
ConectivaLinux Version9.0
ConectivaLinux Version10.0
RedhatFedora Core Versioncore_2.0
RedhatFedora Core Versioncore_3.0
TrustixSecure Linux Version2.0
TrustixSecure Linux Version2.1
TrustixSecure Linux Version2.2
UbuntuUbuntu Linux Version4.1 Editionia64
UbuntuUbuntu Linux Version4.1 Editionppc
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.25% 0.924
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C