Buffer overflow in University_of_washington Imap

CVE-2008-5514

Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attac…

Vulnerability class: Buffer Overflow

EPSS: 0.018 (75.2th percentile) — read the EPSS interpretation.

Affected products

University_of_washington Imap — versions 2000, 2000a, 2000b
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (x_refsource_SECUNIA, third-party-advisory)
secalert@redhat.com (vdb-entry, x_refsource_BID)
secalert@redhat.com (x_refsource_SECUNIA, third-party-advisory)
secalert@redhat.com (vdb-entry, x_refsource_XF)
secalert@redhat.com (vdb-entry, x_refsource_SECTRACK)
secalert@redhat.com (vendor-advisory, x_refsource_FEDORA)
secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (vdb-entry, x_refsource_VUPEN)
secalert@redhat.com (vendor-advisory, x_refsource_MANDRIVA)