CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
81.4%
c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (crash) and possibly execute arbitrary code via certain large (1) literal and (2) mailbox size values that cause either integer signedness errors or integer overflow errors.
Vendor | Product | Version | CPE |
---|---|---|---|
university_of_washington | c-client | * | cpe:2.3:a:university_of_washington:c-client:*:*:*:*:*:*:*:* |
university_of_washington | imap-2002b | * | cpe:2.3:a:university_of_washington:imap-2002b:*:*:*:*:*:*:*:* |
university_of_washington | pine | 4.53 | cpe:2.3:a:university_of_washington:pine:4.53:*:*:*:*:*:*:* |