[Forgot Password]
Login  Register Subscribe

23631

 
 

117687

 
 

98503

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-5514

Date: (C)2008-12-23   (M)2017-08-08 


Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attackers to cause a denial of service (crash) via an e-mail message that triggers a buffer overflow.

CVSS Score: 4.3Access Vector: NETWORK
Exploit Score: 8.6Access Complexity: MEDIUM
Impact Score: 2.9Authentication: NONE
 Confidentiality: NONE
 Integrity: NONE
 Availability: PARTIAL





Reference:
SECTRACK-1021485
BID-32958
SECUNIA-33275
SECUNIA-33638
ADV-2008-3490
FEDORA-2009-0371
MDVSA-2009:146
http://www.washington.edu/imap/documentation/RELNOTES.html
https://bugzilla.redhat.com/show_bug.cgi?id=477227
uwimapd-rfc822outputchar-dos(47526)

CWE    1
CWE-119
OVAL    4
oval:org.secpod.oval:def:102446
oval:org.secpod.oval:def:101891
oval:org.secpod.oval:def:301214
oval:org.secpod.oval:def:301198
...

© 2013 SecPod Technologies