Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:23864
HistoryApr 10, 2020 - 12:38 a.m.

Arbitrary Code Execution

2020-04-1000:38:24
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

cyrus-imapd is vulnerable to arbitrary code execution. The vulnerability exists as an authenticated user able to create Sieve mail filtering rules could use these flaws to execute arbitrary code with the privileges of the Cyrus IMAP server user.

References

Related

nessus 24
openvas 41
fedora 2
debian 5
prion 1
cve 1
ubuntucve 1
osv 1
centos 1
redhat 1
debiancve 1
oraclelinux 1
ubuntu 1
gentoo 1
nessus
nessus
SuSE 10 Security Update : Cyrus IMAPD (ZYPP Patch Number 6509)
2009-10-29 00:00:00
openSUSE Security Update : cyrus-imapd (cyrus-imapd-1337)
2009-10-30 00:00:00
Fedora 11 : cyrus-imapd-2.3.15-1.fc11 (2009-9901)
2009-09-25 00:00:00
openvas
openvas
SLES11: Security update for Cyrus IMAPD
2009-11-11 00:00:00
SLES10: Security update for Cyrus IMAPD
2009-11-11 00:00:00
Fedora Core 11 FEDORA-2009-9901 (cyrus-imapd)
2009-09-28 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: cyrus-imapd-2.3.15-1.fc10
2009-09-24 05:17:25
[SECURITY] Fedora 11 Update: cyrus-imapd-2.3.15-1.fc11
2009-09-24 05:23:00
debian
debian
[Backports-security-announce] Security update for dovecot
2009-10-01 18:15:41
[SECURITY] [DSA 1893-1] New cyrus-imapd-2.2/kolab-cyrus-imapd packages fix arbitrary code execution
2009-09-23 16:36:12
[Backports-security-announce] Security update for dovecot
2009-10-01 18:15:41
prion
prion
Stack overflow
2009-09-17 10:30:00
cve
cve
CVE-2009-3235
2009-09-17 10:30:00
ubuntucve
ubuntucve
CVE-2009-3235
2009-09-17 00:00:00
osv
osv
dovecot - arbitrary code execution
2009-09-23 00:00:00
centos
centos
cyrus, perl security update
2009-09-26 00:34:20
redhat
redhat
(RHSA-2009:1459) Important: cyrus-imapd security update
2009-09-23 00:00:00
debiancve
debiancve
CVE-2009-3235
2009-09-17 10:30:00
oraclelinux
oraclelinux
cyrus-imapd security update
2009-09-23 00:00:00
ubuntu
ubuntu
Dovecot vulnerabilities
2009-09-28 00:00:00
gentoo
gentoo
Dovecot: Multiple vulnerabilities
2011-10-10 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON
Related for VERACODE:23864
nessus24openvas41fedora2debian5prion1cve1ubuntucve1osv1centos1redhat1debiancve1oraclelinux1ubuntu1gentoo1