10

CVE-2004-1067

Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username.
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.18% 0.914
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://asg.web.cmu.edu/cyrus/download/imapd/changes.html
http://www.securityfocus.com/bid/11738
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/18333
https://www.ubuntu.com/usn/usn-37-1/