CVE-2004-1012

EPSS 10.2%

cyrus-imapd - buffer overflow

發布日:2005/1/10修改日:2026/4/28

描述

The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption.

受影響套件(2)

Debian/cyrus21-imapdfrom 0, < 1.5.19-9.2
Debian/cyrus-imapdfrom 0, < 1.5.19-20

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2004-1012