Описание
Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | 2.2.13-19 |
| hardy | ignored | end of life |
| intrepid | ignored | end of life |
| jaunty | released | 2.2.13-14ubuntu3.1 |
| karmic | ignored | end of life |
| lucid | not-affected | 2.2.13-19 |
| maverick | not-affected | 2.2.13-19 |
| natty | not-affected | 2.2.13-19 |
| oneiric | not-affected | 2.2.13-19 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | code not compiled |
| devel | released | 1:1.1.11-0ubuntu9 |
| hardy | released | 1:1.0.10-1ubuntu5.2 |
| intrepid | released | 1:1.1.4-0ubuntu1.3 |
| jaunty | released | 1:1.1.11-0ubuntu4.1 |
| karmic | released | 1:1.1.11-0ubuntu9 |
| lucid | released | 1:1.1.11-0ubuntu9 |
| maverick | released | 1:1.1.11-0ubuntu9 |
| natty | released | 1:1.1.11-0ubuntu9 |
| oneiric | released | 1:1.1.11-0ubuntu9 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | 2.2.13-9 |
| hardy | ignored | end of life |
| intrepid | ignored | end of life |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
| lucid | not-affected | 2.2.13-9 |
| maverick | not-affected | 2.2.13-9 |
| natty | not-affected | 2.2.13-9 |
| oneiric | not-affected | 2.2.13-9 |
Показывать по
7.5 High
CVSS2
Связанные уязвимости
Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1 ...
Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
7.5 High
CVSS2