CVE-2004-1067 in Cyrus IMAP Serverinfo

Summary

Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

11/29/2004

Disclosure

01/10/2005

Moderation

VulDB entry created

Entries

1: VDB-23675

CPE

ready

CWE

CWE-193 (Confirmed)

CVSS

10.0

EPSS

0.05476

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-1067
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-1067
CVE Details	https://www.cvedetails.com/cve/CVE-2004-1067/

◂ Previous Overview Next ▸