CVE-2008-5514

EPSS 1.07%
Published 23.12.2008 18:30:03
Last modified 09.04.2025 00:30:58
Source secalert@redhat.com
Teams watchlist Login
Open Login

Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attackers to cause a denial of service (crash) via an e-mail message that triggers a buffer overflow.

Affected products Warnungen 0 Metrics 2 CWE 1 References 13

Data is provided by the National Vulnerability Database (NVD)

University Of Washington ≫ Imap Version <= 2007d

University Of Washington ≫ Imap Version2000

University Of Washington ≫ Imap Version2000a

University Of Washington ≫ Imap Version2000b

University Of Washington ≫ Imap Version2000c

University Of Washington ≫ Imap Version2001

University Of Washington ≫ Imap Version2001a

University Of Washington ≫ Imap Version2002

University Of Washington ≫ Imap Version2002a

University Of Washington ≫ Imap Version2002b

University Of Washington ≫ Imap Version2002c

University Of Washington ≫ Imap Version2002d

University Of Washington ≫ Imap Version2002e

University Of Washington ≫ Imap Version2002f

University Of Washington ≫ Imap Version2004

University Of Washington ≫ Imap Version2004a

University Of Washington ≫ Imap Version2004b

University Of Washington ≫ Imap Version2004c

University Of Washington ≫ Imap Version2004d

University Of Washington ≫ Imap Version2004e

University Of Washington ≫ Imap Version2004f

University Of Washington ≫ Imap Version2004g

University Of Washington ≫ Imap Version2006

University Of Washington ≫ Imap Version2006a

University Of Washington ≫ Imap Version2006b

University Of Washington ≫ Imap Version2006c

University Of Washington ≫ Imap Version2006d

University Of Washington ≫ Imap Version2006e

University Of Washington ≫ Imap Version2006f

University Of Washington ≫ Imap Version2006g

University Of Washington ≫ Imap Version2006h

University Of Washington ≫ Imap Version2006i

University Of Washington ≫ Imap Version2006j

University Of Washington ≫ Imap Version2006k

University Of Washington ≫ Imap Version2007

University Of Washington ≫ Imap Version2007a

University Of Washington ≫ Imap Version2007b

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.07%	0.757

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:N/A:P

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://www.mandriva.com/security/advisories?name=MDVSA-2009:146

http://secunia.com/advisories/33275

http://secunia.com/advisories/33638

http://securitytracker.com/id?1021485

http://www.securityfocus.com/bid/32958

http://www.vupen.com/english/advisories/2008/3490

http://www.washington.edu/imap/documentation/RELNOTES.html

https://bugzilla.redhat.com/show_bug.cgi?id=477227

https://exchange.xforce.ibmcloud.com/vulnerabilities/47526

https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00846.html

https://nvd.nist.gov/vuln/detail/CVE-2008-5514

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-5514

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-5514

EUVD