A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted mail message that lacks headers (i.e., one that starts with an empty line) to provoke a heap overflow, which could conceivably be exploited for remote code execution.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
07 Nov 2023, 03:39
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2021-11-22 20:15
Updated : 2024-02-28 18:48
NVD link : CVE-2021-44143
Mitre link : CVE-2021-44143
CVE.ORG link : CVE-2021-44143
JSON object : View
Products Affected
fedoraproject
- fedora
debian
- debian_linux
isync_project
- isync
CWE
CWE-787
Out-of-bounds Write