FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2008-5514

This CVE name corresponds to:

Entered Topic
2009-01-11 imap-uw -- imap c-client buffer overflow
imap-uw -- local buffer overflow vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2008-5514 at cve.mitre.org

Details

Type Candidate
Name CVE-2008-5514
Phase Assigned(20081212)

Description

Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attackers to cause a denial of service (crash) via an e-mail message that triggers a buffer overflow.

References

Source Reference
CONFIRM http://www.washington.edu/imap/documentation/RELNOTES.html
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=477227
FEDORA FEDORA-2009-0371
MANDRIVA MDVSA-2009:146
BID 32958
VUPEN ADV-2008-3490
SECTRACK 1021485
SECUNIA 33275
SECUNIA 33638
XF uwimapd-rfc822outputchar-dos(47526)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.