10
CVE-2004-1013
- EPSS 10.25%
- Published 10.01.2005 05:00:00
- Last modified 03.04.2025 01:03:51
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption.
Data is provided by the National Vulnerability Database (NVD)
Carnegie Mellon University ≫ Cyrus Imap Server Version2.1.7
Carnegie Mellon University ≫ Cyrus Imap Server Version2.1.9
Carnegie Mellon University ≫ Cyrus Imap Server Version2.1.10
Carnegie Mellon University ≫ Cyrus Imap Server Version2.1.16
Carnegie Mellon University ≫ Cyrus Imap Server Version2.2.0_alpha
Carnegie Mellon University ≫ Cyrus Imap Server Version2.2.1_beta
Carnegie Mellon University ≫ Cyrus Imap Server Version2.2.2_beta
Carnegie Mellon University ≫ Cyrus Imap Server Version2.2.3
Carnegie Mellon University ≫ Cyrus Imap Server Version2.2.4
Carnegie Mellon University ≫ Cyrus Imap Server Version2.2.5
Carnegie Mellon University ≫ Cyrus Imap Server Version2.2.6
Carnegie Mellon University ≫ Cyrus Imap Server Version2.2.7
Carnegie Mellon University ≫ Cyrus Imap Server Version2.2.8
Redhat ≫ Fedora Core Versioncore_2.0
Redhat ≫ Fedora Core Versioncore_3.0
Trustix ≫ Secure Linux Version2.0
Trustix ≫ Secure Linux Version2.1
Trustix ≫ Secure Linux Version2.2
Ubuntu ≫ Ubuntu Linux Version4.1 Editionia64
Ubuntu ≫ Ubuntu Linux Version4.1 Editionppc
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 10.25% | 0.924 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|