Cyrus IMAP Server SIEVE Script Local Buffer Overflow Vulnerability

Cyrus IMAP Server is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

A local attacker can exploit this issue to execute arbitrary code as the affected process, possibly resulting in elevated privileges. Failed exploit attempts will likely cause denial-of-service conditions.

Cryus IMAP Server 2.2.13 is vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus