Lucene search

[email protected]CVE-2004-1211

HistoryJan 10, 2005 - 5:00 a.m.

CVE-2004-1211

2005-01-1005:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2004-1211

buffer overflow

mercury/32

imap service

remote exploitation

denial of service

arbitrary code execution

vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

High

0.964 High

EPSS

Percentile

99.6%

JSON

Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via long arguments to the (1) EXAMINE, (2) SUBSCRIBE, (3) STATUS, (4) APPEND, (5) CHECK, (6) CLOSE, (7) EXPUNGE, (8) FETCH, (9) RENAME, (10) DELETE, (11) LIST, (12) SEARCH, (13) CREATE, or (14) UNSUBSCRIBE commands.

Affected configurations

NVD

Node

david_harrismercuryMatch4.0.1awin32

CPENameOperatorVersion
david_harris:mercurydavid harris mercuryeq4.0.1a

CPE	Name	Operator	Version
david_harris:mercury	david harris mercury	eq	4.0.1a

References

home.kabelfoon.nl/~jaabogae/han/m_401b.html

lists.grok.org.uk/pipermail/full-disclosure/2004-December/029701.html

marc.info/?l=bugtraq&m=110193702909991&w=2

secunia.com/advisories/13348

www.osvdb.org/12508

www.securityfocus.com/bid/11775

exchange.xforce.ibmcloud.com/vulnerabilities/18318

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

High

0.964 High

EPSS

Percentile

99.6%

JSON

Related for CVE-2004-1211

packetstorm1 nessus1 cvelist2 saint4 nvd2 checkpoint_advisories1 prion1 cve1