Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2019-11500HistoryAug 29, 2019 - 2:15 p.m.
CVE-2019-11500
2019-08-2914:15:00
Debian Security Bug Tracker
security-tracker.debian.org
9
0.614 Medium
EPSS
Percentile
97.8%
In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 (and Pigeonhole before 0.5.7.2), protocol processing can fail for quoted strings. This occurs because ‘\0’ characters are mishandled, and can lead to out-of-bounds writes and remote code execution.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | dovecot | <Â 1:2.3.7.2-1 | dovecot_1:2.3.7.2-1_all.deb |
| Debian | 11 | all | dovecot | <Â 1:2.3.7.2-1 | dovecot_1:2.3.7.2-1_all.deb |
| Debian | 10 | all | dovecot | <Â 1:2.3.4.1-5+deb10u1 | dovecot_1:2.3.4.1-5+deb10u1_all.deb |
| Debian | 999 | all | dovecot | <Â 1:2.3.7.2-1 | dovecot_1:2.3.7.2-1_all.deb |
| Debian | 13 | all | dovecot | <Â 1:2.3.7.2-1 | dovecot_1:2.3.7.2-1_all.deb |
Related
osv
osv
CVE-2019-11500
2019-08-29 14:15:11
dovecot - security update
2019-08-29 00:00:00
dovecot - security update
2019-08-28 00:00:00
oraclelinux
oraclelinux
dovecot security update
2019-09-23 00:00:00
dovecot security update
2019-09-20 00:00:00
dovecot security update
2019-09-23 00:00:00
ubuntucve
ubuntucve
CVE-2019-11500
2019-08-28 00:00:00
nessus
nessus
EulerOS 2.0 SP3 : dovecot (EulerOS-SA-2019-2243)
2019-11-08 00:00:00
Amazon Linux 2 : dovecot (ALAS-2019-1347)
2019-11-07 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS : Dovecot regression (USN-4110-3)
2019-08-29 00:00:00
freebsd
freebsd
Dovecot -- improper input validation
2019-04-13 00:00:00
alpinelinux
alpinelinux
CVE-2019-11500
2019-08-29 14:15:00
openvas
openvas
Debian: Security Advisory (DLA-1901-1)
2019-08-30 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:2454-1)
2021-04-19 00:00:00
Ubuntu: Security Advisory (USN-4110-4)
2022-08-26 00:00:00
ubuntu
ubuntu
Dovecot vulnerability
2019-08-28 00:00:00
Dovecot vulnerability
2019-08-28 00:00:00
Dovecot regression
2019-08-28 00:00:00
checkpoint_advisories
checkpoint_advisories
Dovecot And Pigeonhole Remote Code Execution (CVE-2019-11500)
2020-03-01 00:00:00
debian
debian
[SECURITY] [DSA 4510-1] dovecot security update
2019-08-28 12:15:27
[SECURITY] [DLA 1901-1] dovecot security update
2019-08-29 19:03:07
[SECURITY] [DSA 4510-1] dovecot security update
2019-08-28 12:15:48
archlinux
archlinux
[ASA-201908-18] dovecot: arbitrary code execution
2019-08-28 00:00:00
[ASA-201908-19] pigeonhole: arbitrary code execution
2019-08-28 00:00:00
cve
cve
CVE-2019-11500
2019-08-29 14:15:00
centos
centos
dovecot security update
2019-09-27 12:11:33
dovecot security update
2019-09-26 13:00:35
amazon
amazon
Important: dovecot
2019-11-04 22:10:00
veracode
veracode
Remote Code Execution (RCE)
2019-09-21 00:17:27
prion
prion
Remote code execution
2019-08-29 14:15:00
altlinux
altlinux
fedora
fedora
[SECURITY] Fedora 31 Update: dovecot-2.3.7.2-1.fc31
2019-09-14 16:38:16
[SECURITY] Fedora 30 Update: dovecot-2.3.7.2-1.fc30
2019-08-30 14:21:41
[SECURITY] Fedora 29 Update: dovecot-2.3.7.2-1.fc29
2019-09-06 12:59:59
redhatcve
redhatcve
CVE-2019-11500
2019-10-10 05:23:44
mageia
mageia
Updated dovecot packages fix security vulnerability
2019-09-08 17:09:05
redhat
redhat
(RHSA-2019:2885) Important: dovecot security update
2019-09-23 19:48:53
(RHSA-2019:2822) Important: dovecot security update
2019-09-20 01:37:54
(RHSA-2019:2836) Important: dovecot security update
2019-09-20 08:22:52
cvelist
cvelist
CVE-2019-11500
2019-08-29 13:51:46
gentoo
gentoo
Dovecot: Multiple vulnerabilities
2019-08-31 00:00:00
suse
suse
Security update for dovecot23 (important)
2019-10-07 00:00:00
Security update for dovecot23 (important)
2019-10-07 00:00:00