Lucene search

K

Veracode Vulnerability DatabaseVERACODE:27603

HistoryOct 18, 2020 - 1:47 a.m.

Denial Of Service (DoS)

2020-10-1801:47:16

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

9

claws-mail

vulnerability

denial of service

imap

stack consumption

folder tree

EPSS

0.002

Percentile

62.2%

claws-mail is vulnerable to denial of service (DoS). The vulnerability exists in imap_scan_tree_recursive where a malicious IMAP server can trigger stack consumption because of unlimited recursion into subdirectories during a rebuild of the folder tree.

References

lists.fedoraproject.org/archives/list/[email protected]/message/3CRKHUOVTJBHT53J4CYU53PXYYQKSGEA/

lists.fedoraproject.org/archives/list/[email protected]/message/JUBLHUG2UCXVABAGN5FVTD3AB3YKE5NN/

lists.fedoraproject.org/archives/list/[email protected]/message/YNJIXYDMSXYDII4ERMQ4EEKZX64U3QR4/

www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=4313

EPSS

0.002

Percentile

62.2%

Related for VERACODE:27603

fedora3 openvas4 nessus3 prion1 alpinelinux1 debiancve1 nvd1 ubuntucve1 mageia1 cve1 cvelist1