CyberSec.Space Logo
CVEブラウザに戻る

CVE-2004-1015

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0280%
EPSS Percentile19.70th
Published2005年1月10日
Last Modified2026年4月16日

Vulnerability Description

Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011.

Affected Platforms (CPE)

📦
Carnegie Mellon University

Cyrus Imap Server

= 1.4
📦
Carnegie Mellon University

Cyrus Imap Server

= 1.5.19
📦
Carnegie Mellon University

Cyrus Imap Server

= 2.0.12
📦
Carnegie Mellon University

Cyrus Imap Server

= 2.0.16
📦
Carnegie Mellon University

Cyrus Imap Server

= 2.1.7
📦
Carnegie Mellon University

Cyrus Imap Server

= 2.1.9
📦
Carnegie Mellon University

Cyrus Imap Server

= 2.1.10
📦
Carnegie Mellon University

Cyrus Imap Server

= 2.1.16
📦
Carnegie Mellon University

Cyrus Imap Server

= 2.2.0_alpha
📦
Carnegie Mellon University

Cyrus Imap Server

= 2.2.1_beta
📦
Carnegie Mellon University

Cyrus Imap Server

= 2.2.2_beta
📦
Carnegie Mellon University

Cyrus Imap Server

= 2.2.3
📦
Carnegie Mellon University

Cyrus Imap Server

= 2.2.4
📦
Carnegie Mellon University

Cyrus Imap Server

= 2.2.5
📦
Carnegie Mellon University

Cyrus Imap Server

= 2.2.6
📦
Carnegie Mellon University

Cyrus Imap Server

= 2.2.7
📦
Carnegie Mellon University

Cyrus Imap Server

= 2.2.8
📦
Carnegie Mellon University

Cyrus Imap Server

= 2.2.9
💻
Redhat

Fedora Core

= core_2.0
💻
Redhat

Fedora Core

= core_3.0
💻
Ubuntu

Ubuntu Linux

= 4.1
💻
Ubuntu

Ubuntu Linux

= 4.1

References & Advisories

🔗 http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=145
🔗 http://asg.web.cmu.edu/cyrus/download/imapd/changes.html
🔗 http://security.gentoo.org/glsa/glsa-200411-34.xml
🔗 http://www.mandriva.com/security/advisories?name=MDKSA-2004:139
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/18274
🔗 http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=145
🔗 http://asg.web.cmu.edu/cyrus/download/imapd/changes.html
🔗 http://security.gentoo.org/glsa/glsa-200411-34.xml

関連する脆弱性情報

CVE-2004-101310.0

The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arb...

CVE-2004-101210.0

The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arb...

CVE-2004-101110.0

Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attacke...

CVE-2004-106710.0

Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may al...