lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
No history.
Information
Published : 2011-05-24 23:55
Updated : 2024-02-28 11:41
NVD link : CVE-2011-1929
Mitre link : CVE-2011-1929
CVE.ORG link : CVE-2011-1929
JSON object : View
Products Affected
dovecot
- dovecot
CWE
CWE-20
Improper Input Validation