10

CVE-2004-1013

The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpenpkgOpenpkg Versioncurrent
ConectivaLinux Version9.0
ConectivaLinux Version10.0
RedhatFedora Core Versioncore_2.0
RedhatFedora Core Versioncore_3.0
TrustixSecure Linux Version2.0
TrustixSecure Linux Version2.1
TrustixSecure Linux Version2.2
UbuntuUbuntu Linux Version4.1 Editionia64
UbuntuUbuntu Linux Version4.1 Editionppc
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.25% 0.924
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C