- Description
- IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 3.6
- Impact score
- 4.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:P
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:university_of_washington:imapd:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "358DA403-C53C-41C5-8BA2-ECCD90A08FC4"
},
{
"criteria": "cpe:2.3:a:university_of_washington:imapd:4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F96386E6-0756-4181-9A05-1AA8AA202982"
}
],
"operator": "OR"
}
]
}
]