Lucene search

[email protected]NVD:CVE-2008-5514

HistoryDec 23, 2008 - 6:30 p.m.

CVE-2008-5514

2008-12-2318:30:03

CWE-119

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

62.2%

JSON

Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attackers to cause a denial of service (crash) via an e-mail message that triggers a buffer overflow.

Affected configurations

NVD

Node

university_of_washingtonimapRange≤2007d

university_of_washingtonimapMatch2000

university_of_washingtonimapMatch2000a

university_of_washingtonimapMatch2000b

university_of_washingtonimapMatch2000c

university_of_washingtonimapMatch2001

university_of_washingtonimapMatch2001a

university_of_washingtonimapMatch2002

university_of_washingtonimapMatch2002a

university_of_washingtonimapMatch2002b

university_of_washingtonimapMatch2002c

university_of_washingtonimapMatch2002d

university_of_washingtonimapMatch2002e

university_of_washingtonimapMatch2002f

university_of_washingtonimapMatch2004

university_of_washingtonimapMatch2004a

university_of_washingtonimapMatch2004b

university_of_washingtonimapMatch2004c

university_of_washingtonimapMatch2004d

university_of_washingtonimapMatch2004e

university_of_washingtonimapMatch2004f

university_of_washingtonimapMatch2004g

university_of_washingtonimapMatch2006

university_of_washingtonimapMatch2006a

university_of_washingtonimapMatch2006b

university_of_washingtonimapMatch2006c

university_of_washingtonimapMatch2006d

university_of_washingtonimapMatch2006e

university_of_washingtonimapMatch2006f

university_of_washingtonimapMatch2006g

university_of_washingtonimapMatch2006h

university_of_washingtonimapMatch2006i

university_of_washingtonimapMatch2006j

university_of_washingtonimapMatch2006k

university_of_washingtonimapMatch2007

university_of_washingtonimapMatch2007a

university_of_washingtonimapMatch2007b

References

secunia.com/advisories/33275

secunia.com/advisories/33638

securitytracker.com/id?1021485

www.mandriva.com/security/advisories?name=MDVSA-2009:146

www.securityfocus.com/bid/32958

www.vupen.com/english/advisories/2008/3490

www.washington.edu/imap/documentation/RELNOTES.html

bugzilla.redhat.com/show_bug.cgi?id=477227

exchange.xforce.ibmcloud.com/vulnerabilities/47526

www.redhat.com/archives/fedora-package-announce/2009-January/msg00846.html

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

62.2%

JSON

Related for NVD:CVE-2008-5514

nessus10 openvas24 prion1 cvelist1 cve1 freebsd2 fedora2 ubuntucve1 debiancve1 seebug1 gentoo2 debian2