CertccCVELIST:CVE-2009-2632CVE-2009-2632
Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
References
dovecot.org/list/dovecot-news/2009-September/000135.html
lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
secunia.com/advisories/36629
secunia.com/advisories/36632
secunia.com/advisories/36698
secunia.com/advisories/36713
secunia.com/advisories/36904
support.apple.com/kb/HT4077
www.debian.org/security/2009/dsa-1881
www.openwall.com/lists/oss-security/2009/09/14/3
www.osvdb.org/58103
www.securityfocus.com/bid/36296
www.securityfocus.com/bid/36377
www.ubuntu.com/usn/USN-838-1
www.vupen.com/english/advisories/2009/2559
www.vupen.com/english/advisories/2009/2641
bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/script.c.diff?r1=1.62&r2=1.62.2.1&only_with_tag=cyrus-imapd-2_2-tail
lists.andrew.cmu.edu/pipermail/cyrus-cvs/2009-September/001253.html
lists.andrew.cmu.edu/pipermail/cyrus-cvs/2009-September/001254.html
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10082
www.redhat.com/archives/fedora-package-announce/2009-September/msg00491.html
Related
