CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
88.1%
Integer overflow in the index_urlfetch function in imap/index.c in Cyrus
IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified
impact via vectors related to urlfetch range checks and the section_offset
variable. NOTE: this vulnerability exists because of an incomplete fix for
CVE-2015-8076.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 16.04 | noarch | cyrus-imapd-2.4 | <Β any | UNKNOWN |