CVE-2011-1929

EPSS 4.3%

dovecot - programming error

Published: 5/24/2011Modified: 4/28/2026

Also known as:DEBIAN-CVE-2011-1929

Description

lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.

Affected packages (2)

Debian/dovecotfrom 0, < 1:2.0.13-1
Debian/dovecotfrom 0, < 1:1.2.15-7

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-1929