Heap overflow

The indexurlfetch function in index.c in Cyrus IMAP 2.3.x before 2.3.19, 2.4.x before 2.4.18, 2.5.x before 2.5.4 allows remote attackers to obtain sensitive information or possibly have unspecified other impact via vectors related to the urlfetch range, which triggers an out-of-bounds heap read...

Integer overflow

Integer overflow in the indexurlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the startoctet variable. NOTE: this vulnerability exists because of an incomplete fix for...

CVE-2015-8076

CVE-2015-8076 affects Cyrus IMAPd (Cyrus IMAP) where the index_urlfetch function in index.c is vulnerable to an out-of-bounds heap read via the urlfetch range. Affected are Cyrus IMAP 2.3.x before 2.3.19, 2.4.x before 2.4.18, and 2.5.x before 2.5.4. Public references (OpenSUSE, Red Hat, OpenVAS n...

CVE-2015-8077

CVE-2015-8077 is a Cyrus IMAP vulnerability affecting 2.3.19, 2.4.18, and 2.5.6 where an integer overflow in index_urlfetch (imap/index.c) can be triggered via urlfetch range checks and the start_octet, with impact described as unspecified. The issue is linked to an incomplete fix for CVE-2015-80...