CVE-2011-3481

2011-09-1400:00:00

ubuntu.com

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.021 Low

EPSS

Percentile

89.2%

JSON

The index_get_ids function in index.c in imapd in Cyrus IMAP Server before
2.4.11, when server-side threading is enabled, allows remote attackers to
cause a denial of service (NULL pointer dereference and daemon crash) via a
crafted References header in an e-mail message.

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchcyrus-imapd-2.2< 2.2.13-19squeeze3build0.10.04.1UNKNOWN
ubuntu10.10noarchcyrus-imapd-2.2< 2.2.13-19squeeze3build0.10.10.1UNKNOWN