Lucene search

K

Veracode Vulnerability DatabaseVERACODE:23864

HistoryApr 10, 2020 - 12:38 a.m.

Arbitrary Code Execution

2020-04-1000:38:24

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

9

0.019 Low

EPSS

Percentile

88.6%

cyrus-imapd is vulnerable to arbitrary code execution. The vulnerability exists as an authenticated user able to create Sieve mail filtering rules could use these flaws to execute arbitrary code with the privileges of the Cyrus IMAP server user.

CPENameOperatorVersion
cyrus-imapdeq2.3.7__2.el5_3.2
cyrus-imapdeq2.3.7__2.el5
cyrus-imapdeq2.3.7__1.1.el5
cyrus-imapdeq2.3.7__2.el5_3.2
cyrus-imapdeq2.3.7__2.el5
cyrus-imapdeq2.3.7__1.1.el5

References

dovecot.org/list/dovecot-news/2009-September/000135.html

lists.apple.com/archives/security-announce/2009/Nov/msg00000.html

lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html

lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html

secunia.com/advisories/36698

secunia.com/advisories/36713

secunia.com/advisories/36904

support.apple.com/kb/HT3937

www.openwall.com/lists/oss-security/2009/09/14/3

www.osvdb.org/58103

www.redhat.com/security/updates/classification/#important

www.securityfocus.com/bid/36377

www.ubuntu.com/usn/USN-838-1

www.vupen.com/english/advisories/2009/2641

www.vupen.com/english/advisories/2009/3184

access.redhat.com/errata/RHSA-2009:1459

exchange.xforce.ibmcloud.com/vulnerabilities/53248

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10515

www.redhat.com/archives/fedora-package-announce/2009-September/msg00491.html

0.019 Low

EPSS

Percentile

88.6%

Related for VERACODE:23864

nessus24 openvas41 fedora2 cve1 ubuntucve1 prion1 osv1 debian5 cvelist1 oraclelinux1 nvd1 redhat1 debiancve1 centos1 ubuntu1 gentoo1