Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2015-8078
HistoryDec 03, 2015 - 8:59 p.m.

CVE-2015-8078

2015-12-0320:59:10
CWE-189
[email protected]
web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

5.1 Medium

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.1%

JSON

Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the section_offset variable. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8076.

Affected configurations

NVD
Node
opensuseleapMatch42.1
OR
opensuseopensuseMatch13.2
Node
cyrusimapMatch2.3.0
OR
cyrusimapMatch2.3.1
OR
cyrusimapMatch2.3.2
OR
cyrusimapMatch2.3.3
OR
cyrusimapMatch2.3.4
OR
cyrusimapMatch2.3.5
OR
cyrusimapMatch2.3.6
OR
cyrusimapMatch2.3.7
OR
cyrusimapMatch2.3.8
OR
cyrusimapMatch2.3.9
OR
cyrusimapMatch2.3.10
OR
cyrusimapMatch2.3.11
OR
cyrusimapMatch2.3.12
OR
cyrusimapMatch2.3.13
OR
cyrusimapMatch2.3.14
OR
cyrusimapMatch2.3.15
OR
cyrusimapMatch2.3.16
OR
cyrusimapMatch2.3.17
OR
cyrusimapMatch2.3.18
OR
cyrusimapMatch2.4.0
OR
cyrusimapMatch2.4.1
OR
cyrusimapMatch2.4.2
OR
cyrusimapMatch2.4.3
OR
cyrusimapMatch2.4.4
OR
cyrusimapMatch2.4.5
OR
cyrusimapMatch2.4.6
OR
cyrusimapMatch2.4.7
OR
cyrusimapMatch2.4.8
OR
cyrusimapMatch2.4.9
OR
cyrusimapMatch2.4.10
OR
cyrusimapMatch2.4.11
OR
cyrusimapMatch2.4.12
OR
cyrusimapMatch2.4.13
OR
cyrusimapMatch2.4.14
OR
cyrusimapMatch2.4.15
OR
cyrusimapMatch2.4.16
OR
cyrusimapMatch2.4.17
OR
cyrusimapMatch2.5.0
OR
cyrusimapMatch2.5.1
OR
cyrusimapMatch2.5.2
OR
cyrusimapMatch2.5.3

Related

prion 3
ubuntucve 3
cvelist 3
cve 3
suse 2
nessus 10
openvas 5
fedora 3
nvd 2
seebug 1
altlinux 3
mageia 1
freebsd 1
prion
prion
Integer overflow
2015-12-03 20:59:00
Heap overflow
2015-12-03 20:59:00
Integer overflow
2015-12-03 20:59:00
ubuntucve
ubuntucve
CVE-2015-8078
2015-12-03 00:00:00
CVE-2015-8076
2015-12-03 00:00:00
CVE-2015-8077
2015-12-03 00:00:00
cvelist
cvelist
CVE-2015-8078
2015-12-03 20:00:00
CVE-2015-8076
2015-12-03 20:00:00
CVE-2015-8077
2015-12-03 20:00:00
cve
cve
CVE-2015-8078
2015-12-03 20:59:10
CVE-2015-8076
2015-12-03 20:59:07
CVE-2015-8077
2015-12-03 20:59:09
suse
suse
Security update for cyrus-imapd (important)
2016-05-31 22:07:35
Security update for cyrus-imapd (important)
2016-06-01 12:07:51
nessus
nessus
SUSE SLES12 Security Update : cyrus-imapd (SUSE-SU-2016:1457-1) (POODLE)
2016-06-17 00:00:00
Fedora 23 : cyrus-imapd-2.4.18-1.fc23 (2015-e7712d6c32)
2016-03-04 00:00:00
Fedora 22 : cyrus-imapd-2.4.18-1.fc22 (2015-8d4b507cb0)
2016-03-04 00:00:00
openvas
openvas
SUSE: Security Advisory for cyrus-imapd (SUSE-SU-2016:1457-1)
2016-06-03 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:1457-1)
2021-04-19 00:00:00
Fedora Update for cyrus-imapd FEDORA-2015-8
2015-11-18 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: cyrus-imapd-2.4.18-1.fc23
2015-11-17 15:57:29
[SECURITY] Fedora 21 Update: cyrus-imapd-2.4.18-1.fc21
2015-11-20 23:29:13
[SECURITY] Fedora 22 Update: cyrus-imapd-2.4.18-1.fc22
2015-11-17 18:32:37
nvd
nvd
CVE-2015-8076
2015-12-03 20:59:07
CVE-2015-8077
2015-12-03 20:59:09
seebug
seebug
Cyrus IMAP index_urlfetchδΏ‘ζ―ζ³„ιœ²ζΌζ΄ž
2015-12-04 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package cyrus-imapd version 2.5.7-alt1
2015-12-11 00:00:00
Security fix for the ALT Linux 9 package cyrus-imapd version 2.5.7-alt1
2015-12-11 00:00:00
Security fix for the ALT Linux 7 package cyrus-imapd version 2.4.18-alt1.M70P.1
2016-01-07 00:00:00
mageia
mageia
Updated cyrus-imapd packages fix security vulnerability
2016-02-05 20:26:09
freebsd
freebsd
cyrus-imapd -- integer overflow in the start_octet addition
2015-11-04 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

5.1 Medium

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.1%

JSON
Related for NVD:CVE-2015-8078
prion3ubuntucve3cvelist3cve3suse2nessus10openvas5fedora3nvd2seebug1altlinux3mageia1freebsd1