Lucene search

[email protected]CVE-2003-0297

HistoryJun 16, 2003 - 4:00 a.m.

CVE-2003-0297

2003-06-1604:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2003-0297

c-client

imap client

remote code execution

denial of service

integer signedness errors

integer overflow errors

nvd

8.1 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

77.1%

JSON

c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (crash) and possibly execute arbitrary code via certain large (1) literal and (2) mailbox size values that cause either integer signedness errors or integer overflow errors.

CPENameOperatorVersion
university_of_washington:imap-2002buniversity of washington imap-2002beq*
university_of_washington:c-clientuniversity of washington c-clienteq*
university_of_washington:pineuniversity of washington pineeq4.53

CPE	Name	Operator	Version
university_of_washington:imap-2002b	university of washington imap-2002b	eq	*
university_of_washington:c-client	university of washington c-client	eq	*
university_of_washington:pine	university of washington pine	eq	4.53

References

marc.info/?l=bugtraq&m=105294024124163&w=2

www.redhat.com/support/errata/RHSA-2005-015.html

www.redhat.com/support/errata/RHSA-2005-114.html

www.securityfocus.com/archive/1/430302/100/0/threaded

8.1 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

77.1%

JSON

Related for CVE-2003-0297

nessus2 debiancve1 redhat2