CyberSec.Space Logo
Back to CVE Browser

CVE-2004-1012

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1590%
EPSS Percentile26.00th
PublishedJan 10, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption.

Affected Platforms (CPE)

πŸ“¦
Carnegie Mellon University

Cyrus Imap Server

= 2.1.7
πŸ“¦
Carnegie Mellon University

Cyrus Imap Server

= 2.1.9
πŸ“¦
Carnegie Mellon University

Cyrus Imap Server

= 2.1.10
πŸ“¦
Carnegie Mellon University

Cyrus Imap Server

= 2.1.16
πŸ“¦
Carnegie Mellon University

Cyrus Imap Server

= 2.2.0_alpha
πŸ“¦
Carnegie Mellon University

Cyrus Imap Server

= 2.2.1_beta
πŸ“¦
Carnegie Mellon University

Cyrus Imap Server

= 2.2.2_beta
πŸ“¦
Carnegie Mellon University

Cyrus Imap Server

= 2.2.3
πŸ“¦
Carnegie Mellon University

Cyrus Imap Server

= 2.2.4
πŸ“¦
Carnegie Mellon University

Cyrus Imap Server

= 2.2.5
πŸ“¦
Carnegie Mellon University

Cyrus Imap Server

= 2.2.6
πŸ“¦
Carnegie Mellon University

Cyrus Imap Server

= 2.2.7
πŸ“¦
Carnegie Mellon University

Cyrus Imap Server

= 2.2.8
πŸ“¦
Openpkg

Openpkg

= current
πŸ’»
Conectiva

Linux

= 9.0
πŸ’»
Conectiva

Linux

= 10.0
πŸ’»
Redhat

Fedora Core

= core_2.0
πŸ’»
Redhat

Fedora Core

= core_3.0
πŸ’»
Trustix

Secure Linux

= 2.0
πŸ’»
Trustix

Secure Linux

= 2.1
πŸ’»
Trustix

Secure Linux

= 2.2
πŸ’»
Ubuntu

Ubuntu Linux

= 4.1
πŸ’»
Ubuntu

Ubuntu Linux

= 4.1

References & Advisories

πŸ”— http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=143
πŸ”— http://asg.web.cmu.edu/cyrus/download/imapd/changes.html
πŸ”— http://marc.info/?l=bugtraq&m=110123023521619&w=2
πŸ”— http://secunia.com/advisories/13274/
πŸ”— http://security.e-matters.de/advisories/152004.html
πŸ”— http://security.gentoo.org/glsa/glsa-200411-34.xml
πŸ”— http://www.debian.org/security/2004/dsa-597
πŸ”— http://www.mandriva.com/security/advisories?name=MDKSA-2004:139

Related Vulnerabilities

CVE-2004-101510.0

Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attacke...

CVE-2004-101310.0

The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arb...

CVE-2004-101110.0

Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attacke...

CVE-2004-106710.0

Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may al...