The vulnerability of the Cyrus IMAP mail server and the OpenSUSE and OpenSUSE Leap operating systems allows attackers to compromise the integrity and accessibility of protected information.

The vulnerability of the indexurlfetch function imap/index.c in the Cyrus IMAP server is caused by a numerical overflow condition. Exploiting this vulnerability allows an attacker to compromise the integrity and accessibility of protected information by using the UrlFetch function and the...

Integer overflow

Integer overflow in the indexurlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the startoctet variable. NOTE: this vulnerability exists because of an incomplete fix for...

CVE-2015-8077

Integer overflow in the indexurlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the startoctet variable. NOTE: this vulnerability exists because of an incomplete fix for...

CVE-2015-8077

CVE-2015-8077 is a Cyrus IMAP vulnerability affecting 2.3.19, 2.4.18, and 2.5.6 where an integer overflow in index_urlfetch (imap/index.c) can be triggered via urlfetch range checks and the start_octet, with impact described as unspecified. The issue is linked to an incomplete fix for CVE-2015-80...

FreeBSD : cyrus-imapd -- integer overflow in the start_octet addition (d62ec98e-97d8-11e5-8c0e-080027b00c2e)

Cyrus IMAP 2.5.7 Release Note states : CVE-2015-8077, CVE-2015-8078: protect against integer overflow in urlfetch range checks %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright...