• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Multiple Vendor IMAP Client Mailbox Size Memory Corruption Vulnerability

Vulnerabilities have been reported that could cause memory corruption and unpredictable behavior in multiple e-mail clients that support the IMAP protocol.

These issues may occur when the clients handle an excessive value for the mailbox size, as specified by an IMAP server. A malicious IMAP server may potentially leverage this condition to crash affected clients or possibly corrupt memory with specific values. The possibility of arbitrary code execution is not confirmed.

Consequences may vary depending on the particular clients.