Integer overflow in the index_urlfetch function in imap/index.c in Cyrus
IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified
impact via vectors related to urlfetch range checks and the start_octet
variable. NOTE: this vulnerability exists because of an incomplete fix for
CVE-2015-8076.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 16.04 | noarch | cyrus-imapd-2.4 | <Β any | UNKNOWN |