7.5

CVE-2005-0546

Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow in fetchnews, or (4) a stack-based buffer overflow in imapd.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CyrusImapd Version2.0.17
CyrusImapd Version2.1.16
CyrusImapd Version2.1.17
CyrusImapd Version2.1.18
CyrusImapd Version2.2.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.24% 0.897
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://asg.web.cmu.edu/archive/message.php?mailbox=archive.info-cyrus&msg=33723
Patch
http://bugs.gentoo.org/show_bug.cgi?id=82404
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000937
Vendor Advisory
http://marc.info/?l=bugtraq&m=110972236203397&w=2
http://secunia.com/advisories/14383
Patch
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200502-29.xml
Patch
Vendor Advisory
http://securitytracker.com/id?1013278
http://www.mandriva.com/security/advisories?name=MDKSA-2005:051
http://www.redhat.com/support/errata/RHSA-2005-408.html
http://www.securityfocus.com/archive/1/430294/100/0/threaded
http://www.securityfocus.com/bid/12636
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10674