Описание
Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | 2.2.13-16ubuntu1 |
| hardy | ignored | end of life |
| intrepid | ignored | end of life, was needed |
| jaunty | released | 2.2.13-14ubuntu3.1 |
| karmic | not-affected | 2.2.13-16ubuntu1 |
| lucid | not-affected | 2.2.13-16ubuntu1 |
| maverick | not-affected | 2.2.13-16ubuntu1 |
| natty | not-affected | 2.2.13-16ubuntu1 |
| oneiric | not-affected | 2.2.13-16ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | code not compiled |
| devel | released | 1:1.1.11-0ubuntu9 |
| hardy | released | 1:1.0.10-1ubuntu5.2 |
| intrepid | released | 1:1.1.4-0ubuntu1.3 |
| jaunty | released | 1:1.1.11-0ubuntu4.1 |
| karmic | released | 1:1.1.11-0ubuntu9 |
| lucid | released | 1:1.1.11-0ubuntu9 |
| maverick | released | 1:1.1.11-0ubuntu9 |
| natty | released | 1:1.1.11-0ubuntu9 |
| oneiric | released | 1:1.1.11-0ubuntu9 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | 2.2.13-9 |
| hardy | ignored | end of life |
| intrepid | ignored | end of life, was needed |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
| lucid | not-affected | 2.2.13-9 |
| maverick | not-affected | 2.2.13-9 |
| natty | not-affected | 2.2.13-9 |
| oneiric | not-affected | 2.2.13-9 |
Показывать по
4.4 Medium
CVSS2
Связанные уязвимости
Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
Buffer overflow in the SIEVE script component (sieve/script.c), as use ...
Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
4.4 Medium
CVSS2