4.4 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
7.7 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.1%
Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
dovecot.org/list/dovecot-news/2009-September/000135.html
lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
secunia.com/advisories/36629
secunia.com/advisories/36632
secunia.com/advisories/36698
secunia.com/advisories/36713
secunia.com/advisories/36904
support.apple.com/kb/HT4077
www.debian.org/security/2009/dsa-1881
www.openwall.com/lists/oss-security/2009/09/14/3
www.osvdb.org/58103
www.securityfocus.com/bid/36296
www.securityfocus.com/bid/36377
www.ubuntu.com/usn/USN-838-1
www.vupen.com/english/advisories/2009/2559
www.vupen.com/english/advisories/2009/2641
bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/script.c.diff?r1=1.62&r2=1.62.2.1&only_with_tag=cyrus-imapd-2_2-tail
lists.andrew.cmu.edu/pipermail/cyrus-cvs/2009-September/001253.html
lists.andrew.cmu.edu/pipermail/cyrus-cvs/2009-September/001254.html
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10082
www.redhat.com/archives/fedora-package-announce/2009-September/msg00491.html