5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.019 Low
EPSS
Percentile
88.5%
The following DoS condition in IMAP extension
was fixed in PHP 5.3.4 and PHP 5.2.15:
A remote user can send specially crafted IMAP user name
or password data to trigger a double free memory error
in ‘ext/imap/php_imap.c’ and cause the target service
to crash.
It may be possible to execute arbitrary code.
However, code execution was not confirmed.