The index_urlfetch function in index.c in Cyrus IMAP 2.3.x before 2.3.19, 2.4.x before 2.4.18, 2.5.x before 2.5.4 allows remote attackers to obtain sensitive information or possibly have unspecified other impact via vectors related to the urlfetch range, which triggers an out-of-bounds heap read.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Nov 2024, 02:37
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html - | |
References | () http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html - | |
References | () http://lists.opensuse.org/opensuse-updates/2015-09/msg00037.html - | |
References | () http://lists.opensuse.org/opensuse-updates/2015-09/msg00038.html - | |
References | () http://www.openwall.com/lists/oss-security/2015/09/29/2 - | |
References | () http://www.openwall.com/lists/oss-security/2015/09/30/3 - | |
References | () http://www.openwall.com/lists/oss-security/2015/11/04/3 - | |
References | () https://cyrus.foundation/cyrus-imapd/commit/?id=07de4ff1bf2fa340b9d77b8e7de8d43d47a33921 - | |
References | () https://cyrus.foundation/cyrus-imapd/commit/?id=c21e179c1f6b968fe69bebe079176714e511587b - Vendor Advisory | |
References | () https://docs.cyrus.foundation/imap/release-notes/2.3/x/2.3.19.html - | |
References | () https://docs.cyrus.foundation/imap/release-notes/2.4/x/2.4.18.html - Vendor Advisory | |
References | () https://docs.cyrus.foundation/imap/release-notes/2.5/x/2.5.4.html - Vendor Advisory |
Information
Published : 2015-12-03 20:59
Updated : 2024-11-21 02:37
NVD link : CVE-2015-8076
Mitre link : CVE-2015-8076
CVE.ORG link : CVE-2015-8076
JSON object : View
Products Affected
opensuse
- leap
- opensuse
cyrus
- imap