CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-1067

Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.055

EPSS Ranking 89.6%

CVSS Severity

CVSS v2 Score 10.0

References

Products affected by CVE-2004-1067

Carnegie Mellon University » Cyrus Imap Server » Version: 1.4

cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:1.4
Carnegie Mellon University » Cyrus Imap Server » Version: 1.5.19

cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:1.5.19
Carnegie Mellon University » Cyrus Imap Server » Version: 2.0.12

cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.0.12
Carnegie Mellon University » Cyrus Imap Server » Version: 2.0.16

cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.0.16
Carnegie Mellon University » Cyrus Imap Server » Version: 2.1.10

cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.10
Carnegie Mellon University » Cyrus Imap Server » Version: 2.1.16

cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.16
Carnegie Mellon University » Cyrus Imap Server » Version: 2.1.7

cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.7
Carnegie Mellon University » Cyrus Imap Server » Version: 2.1.9

cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.9
Carnegie Mellon University » Cyrus Imap Server » Version: 2.2.0_alpha

cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.0_alpha
Carnegie Mellon University » Cyrus Imap Server » Version: 2.2.1_beta

cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.1_beta
Carnegie Mellon University » Cyrus Imap Server » Version: 2.2.2_beta

cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.2_beta
Carnegie Mellon University » Cyrus Imap Server » Version: 2.2.3

cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.3
Carnegie Mellon University » Cyrus Imap Server » Version: 2.2.4

cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.4
Carnegie Mellon University » Cyrus Imap Server » Version: 2.2.5

cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.5
Carnegie Mellon University » Cyrus Imap Server » Version: 2.2.6

cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.6
Carnegie Mellon University » Cyrus Imap Server » Version: 2.2.7

cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.7
Carnegie Mellon University » Cyrus Imap Server » Version: 2.2.8

cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.8
Carnegie Mellon University » Cyrus Imap Server » Version: 2.2.9

cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.9
Redhat » Fedora Core » Version: core_2.0

cpe:2.3:o:redhat:fedora_core:core_2.0
Redhat » Fedora Core » Version: core_3.0

cpe:2.3:o:redhat:fedora_core:core_3.0
Ubuntu » Ubuntu Linux » Version: 4.1

cpe:2.3:o:ubuntu:ubuntu_linux:4.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-1067

Products

Pricing

Contact Us