8 matches found
SUSE CVE-2015-8078
Integer overflow in the indexurlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the sectionoffset variable. NOTE: this vulnerability exists because of an incomplete fix for...
SUSE CVE-2019-19783
An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading is allowed 3.x or certain non-default sieve options are enabled 2.x, a user with a mail account on the service can use a sieve script containing a fileinto directive to...
Cyrus IMAP 安全漏洞
Cyrus IMAP is an open source mail server for the IMAP Interactive Mail Access Protocol protocol based on Unix and Linux operating systems. A security vulnerability exists in Cyrus IMAP. The vulnerability allows a remotely authenticated user to bypass the intended access restrictions of the server...
cyrus-imapd: buffer overflow in CalDAV request handling triggered by a long iCalendar property name
A flaw was found in the CalDAV feature in httpd in Cyrus IMAP. This flaw allows a remote attacker to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name...
Cyrus IMAP Arbitrary Code Execution Vulnerability
Cyrus IMAP is a Unix and Linux-based operating system for supporting IMAP Interactive Mail Access Protocol protocol open source mail server . A security vulnerability exists in the CalDAV feature of httpd in Cyrus IMAP versions 2.5.x through 2.5.12 and 3.0.x through 3.0.9. A remote attacker could...
Cyrus IMAP Denial of Service Vulnerability
Cyrus IMAP is a free, open source Unix and Linux-based operating system for supporting IMAP Interactive Mail Access Protocol protocol mail server . A security vulnerability exists in the 'mboxlistdofind' function in the imap/mboxlist.c file in Cyrus IMAP versions prior to 3.0.4. A remote attacker...
Vulnerability of the Cyrus IMAP mail server and operating systems openSUSE and OpenSUSE Leap, allowing attackers to obtain confidential information or exert other effects
The vulnerability of the indexurlfetch function index.c in the Cyrus IMAP server is due to buffer overflow. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain confidential information or possibly cause other adverse effects...
cyrus-imapd: NULL pointer dereference via crafted References header in email
The indexgetids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted References header in an e-mail message...