CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
88.7%
The following DoS condition in IMAP extension
was fixed in PHP 5.3.4 and PHP 5.2.15:
A remote user can send specially crafted IMAP user name
or password data to trigger a double free memory error
in ‘ext/imap/php_imap.c’ and cause the target service
to crash.
It may be possible to execute arbitrary code.
However, code execution was not confirmed.