CVE-2002-1580

2004-06-1404:00:00

[email protected]

web.nvd.nist.gov

In Wild

cve-2002-1580

integer overflow

buffer overflow

cyrus imap server

remote code execution

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.9 High

AI Score

Confidence

High

0.426 Medium

EPSS

Percentile

97.3%

JSON

Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347.

Affected configurations

NVD

Node

carnegie_mellon_universitycyrus_imap_serverMatch1.4

carnegie_mellon_universitycyrus_imap_serverMatch1.5.19

carnegie_mellon_universitycyrus_imap_serverMatch2.0.12

carnegie_mellon_universitycyrus_imap_serverMatch2.0.16

carnegie_mellon_universitycyrus_imap_serverMatch2.1.9

carnegie_mellon_universitycyrus_imap_serverMatch2.1.10

CPENameOperatorVersion
carnegie_mellon_university:cyrus_imap_servercarnegie mellon university cyrus imap servereq1.4
carnegie_mellon_university:cyrus_imap_servercarnegie mellon university cyrus imap servereq1.5.19
carnegie_mellon_university:cyrus_imap_servercarnegie mellon university cyrus imap servereq2.0.12
carnegie_mellon_university:cyrus_imap_servercarnegie mellon university cyrus imap servereq2.0.16
carnegie_mellon_university:cyrus_imap_servercarnegie mellon university cyrus imap servereq2.1.9
carnegie_mellon_university:cyrus_imap_servercarnegie mellon university cyrus imap servereq2.1.10

CPE	Name	Operator	Version
carnegie_mellon_university:cyrus_imap_server	carnegie mellon university cyrus imap server	eq	1.4
carnegie_mellon_university:cyrus_imap_server	carnegie mellon university cyrus imap server	eq	1.5.19
carnegie_mellon_university:cyrus_imap_server	carnegie mellon university cyrus imap server	eq	2.0.12
carnegie_mellon_university:cyrus_imap_server	carnegie mellon university cyrus imap server	eq	2.0.16
carnegie_mellon_university:cyrus_imap_server	carnegie mellon university cyrus imap server	eq	2.1.9
carnegie_mellon_university:cyrus_imap_server	carnegie mellon university cyrus imap server	eq	2.1.10