Denial Of Service (DoS)

2020-04-1001:06:54

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.021 Low

EPSS

Percentile

89.2%

JSON

cyrus-imapd is vulnerable to denial of service (DoS). The vulnerability exists as a NULL pointer dereference flaw was found in the cyrus-imapd IMAP server, imapd. A remote attacker could send a specially-crafted mail message to a victim that would possibly prevent them from accessing their mail normally, if they were using an IMAP client that relies on the server threading IMAP feature.

CPENameOperatorVersion
cyrus-imapdeq2.2.12__10.el4_8.4
cyrus-imapdeq2.2.12__10.el4_8.1
cyrus-imapdeq2.2.12__15.el4
cyrus-imapdeq2.3.7__2.el5
cyrus-imapdeq2.3.7__7.el5_6.4
cyrus-imapdeq2.3.7__2.el5_3.2
cyrus-imapdeq2.2.12__16.el4
cyrus-imapdeq2.3.7__7.el5_4.3
cyrus-imapdeq2.3.7__1.1.el5
cyrus-imapdeq2.3.7__7.el5

Name	Operator	Version
cyrus-imapd	eq	2.2.12__10.el4_8.4
cyrus-imapd	eq	2.2.12__10.el4_8.1
cyrus-imapd	eq	2.2.12__15.el4
cyrus-imapd	eq	2.3.7__2.el5
cyrus-imapd	eq	2.3.7__7.el5_6.4
cyrus-imapd	eq	2.3.7__2.el5_3.2
cyrus-imapd	eq	2.2.12__16.el4
cyrus-imapd	eq	2.3.7__7.el5_4.3
cyrus-imapd	eq	2.3.7__1.1.el5
cyrus-imapd	eq	2.3.7__7.el5