Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Cyrus_imap_server | Carnegie_mellon_university | 1.4 (including) | 1.4 (including) |
| Cyrus_imap_server | Carnegie_mellon_university | 1.5.19 (including) | 1.5.19 (including) |
| Cyrus_imap_server | Carnegie_mellon_university | 2.0.12 (including) | 2.0.12 (including) |
| Cyrus_imap_server | Carnegie_mellon_university | 2.0.16 (including) | 2.0.16 (including) |
| Cyrus_imap_server | Carnegie_mellon_university | 2.1.9 (including) | 2.1.9 (including) |
| Cyrus_imap_server | Carnegie_mellon_university | 2.1.10 (including) | 2.1.10 (including) |