Vulnerability in Carnegie_mellon_university Cyrus_imap_server
CVE-2004-1012
The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes…
EPSS: 0.060 (92.3th percentile) — read the EPSS interpretation.
Affected products
- Carnegie_mellon_university Cyrus_imap_server — versions 2.1.7, 2.1.9, 2.1.10
- Conectiva Linux — versions 9.0, 10.0
- Openpkg — versions current
- Trustix Secure_linux — versions 2.0, 2.1, 2.2
- Redhat Fedora_core — versions core_2.0, core_3.0
- Ubuntu Ubuntu_linux — versions 4.1
- N/a — versions n/a
References
- cve@mitre.org (vendor-advisory, x_refsource_DEBIAN)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (vendor-advisory, x_refsource_MANDRAKE)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (mailing-list, x_refsource_MLIST)
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (vendor-advisory, x_refsource_GENTOO)
- cve@mitre.org (x_refsource_UBUNTU, vendor-advisory)