CVE-2005-2933
Last modified
CVE-2005-2933 is a vulnerability of currently unknown severity. Buffer overflow in the mail_valid_net_parse_work function in mail.c for Washington's IMAP Server (UW-IMAP) before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote (") character without a closing quote, which causes bytes after the double-quote to be copied into a buffer indefinitely.. EPSS estimates a 8.46% chance of exploitation in the next 30 days.
Description
Buffer overflow in the mail_valid_net_parse_work function in mail.c for Washington's IMAP Server (UW-IMAP) before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote (") character without a closing quote, which causes bytes after the double-quote to be copied into a buffer indefinitely.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| University Of Washington | Uw-Imap | <= 2004f |
| University Of Washington | Uw-Imap | 2004 |
| University Of Washington | Uw-Imap | 2004a |
| University Of Washington | Uw-Imap | 2004b |
| University Of Washington | Uw-Imap | 2004c |
| University Of Washington | Uw-Imap | 2004d |
| University Of Washington | Uw-Imap | 2004e |
References
- http://secunia.com/advisories/17062/Patch, Vendor Advisory
- http://www.kb.cert.org/vuls/id/933601US Government Resource
- http://secunia.com/advisories/17062/Patch, Vendor Advisory
- http://www.kb.cert.org/vuls/id/933601US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2005-2933?
How severe is CVE-2005-2933?
How do I fix CVE-2005-2933?
Are you affected by CVE-2005-2933?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST