Vulnerability Details CVE-2005-4267
Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character, as demonstrated using long (1) LIST, (2) LSUB, (3) SEARCH TEXT, (4) STATUS INBOX, (5) AUTHENTICATE, (6) FETCH, (7) SELECT, and (8) COPY commands.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.769
EPSS Ranking 98.9%
CVSS Severity
CVSS v2 Score 7.5
References
- http://seclists.org/lists/fulldisclosure/2005/Dec/1037.html
- http://secunia.com/advisories/17640
- http://securityreason.com/securityalert/277
- http://securitytracker.com/id?1015391
- http://www.idefense.com/intelligence/vulnerabilities/display.php?id=359
- http://www.securityfocus.com/bid/15980
- http://www.vupen.com/english/advisories/2005/3005
- http://seclists.org/lists/fulldisclosure/2005/Dec/1037.html
- http://secunia.com/advisories/17640
- http://securityreason.com/securityalert/277
- http://securitytracker.com/id?1015391
- http://www.idefense.com/intelligence/vulnerabilities/display.php?id=359
- http://www.securityfocus.com/bid/15980
- http://www.vupen.com/english/advisories/2005/3005