Anonymous | Login | 2024-04-26 00:32 CEST |
Main | My View | View Issues |
Viewing Issue Simple Details [ Jump to Notes ] | [ View Advanced ] [ Issue History ] [ Print ] | ||||||
ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||
0003898 | [cyrus_imapd] packaging | major | always | 2009-09-15 11:04 | 2009-11-22 12:51 | ||
Reporter | jeanclaudeben | View Status | public | ||||
Assigned To | yann | ||||||
Priority | normal | Resolution | fixed | ||||
Status | closed | ||||||
Summary | 0003898: SIEVE vulnerability | ||||||
Description |
Hi http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2632 [^] Buffer overflow in the SIEVE script component (sieve/script.c) in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14 allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error. Is it possible to package the updated version : 2.3.15 ? |
||||||
Additional Information | |||||||
Tags | No tags attached. | ||||||
Attached Files | |||||||
|
Copyright © 2000 - 2008 Mantis Group |