Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code when Unicode character is out of BMP range.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Courier_mta | Double_precision_incorporated | 0.43 (including) | 0.43 (including) |
| Courier_mta | Double_precision_incorporated | 0.43.1 (including) | 0.43.1 (including) |
| Courier_mta | Double_precision_incorporated | 0.43.2 (including) | 0.43.2 (including) |
| Courier_mta | Double_precision_incorporated | 0.44 (including) | 0.44 (including) |
| Courier_mta | Double_precision_incorporated | 0.44.2 (including) | 0.44.2 (including) |
| Sqwebmail | Double_precision_incorporated | 3.5.2 (including) | 3.5.2 (including) |
| Sqwebmail | Double_precision_incorporated | 3.5.3 (including) | 3.5.3 (including) |
| Sqwebmail | Double_precision_incorporated | 3.6.1 (including) | 3.6.1 (including) |
| Sqwebmail | Double_precision_incorporated | 3.6.2 (including) | 3.6.2 (including) |
| Sqwebmail | Double_precision_incorporated | 3.6_.0 (including) | 3.6_.0 (including) |
| Courier-imap | Inter7 | 1.6 (including) | 1.6 (including) |
| Courier-imap | Inter7 | 1.7 (including) | 1.7 (including) |
| Courier-imap | Inter7 | 2.0.0 (including) | 2.0.0 (including) |
| Courier-imap | Inter7 | 2.1 (including) | 2.1 (including) |
| Courier-imap | Inter7 | 2.1.1 (including) | 2.1.1 (including) |
| Courier-imap | Inter7 | 2.1.2 (including) | 2.1.2 (including) |
| Courier-imap | Inter7 | 2.2.0 (including) | 2.2.0 (including) |
| Courier-imap | Inter7 | 2.2.1 (including) | 2.2.1 (including) |