cyrus-imapd is vulnerable to denial of service (DoS). The vulnerability exists as a NULL pointer dereference flaw was found in the cyrus-imapd IMAP server, imapd. A remote attacker could send a specially-crafted mail message to a victim that would possibly prevent them from accessing their mail normally, if they were using an IMAP client that relies on the server threading IMAP feature.
bugzilla.cyrusimap.org/show_bug.cgi?id=2772
bugzilla.cyrusimap.org/show_bug.cgi?id=3463
git.cyrusimap.org/cyrus-imapd/commit/?id=6e776956a1a9dfa58eacdd0ddd52644009eac9e5
www.mandriva.com/security/advisories?name=MDVSA-2012:037
www.redhat.com/support/errata/RHSA-2011-1508.html
access.redhat.com/errata/RHSA-2011:1508
access.redhat.com/security/updates/classification/#moderate
exchange.xforce.ibmcloud.com/vulnerabilities/69842