CVE-2009-3235
Published Sep 17, 2009
Last updated 7 years ago
Overview
- Description
- Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-119
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dovecot:dovecot:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4240BD98-3C31-42CE-AF8F-045DD4BFC084"
},
{
"criteria": "cpe:2.3:a:dovecot:dovecot:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D7A4A82-6C8D-453E-ACC5-2C8BAC7804D6"
},
{
"criteria": "cpe:2.3:a:dovecot:dovecot:1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1C05ACA0-ED87-4DDF-94B6-8D25BE1790F1"
},
{
"criteria": "cpe:2.3:a:dovecot:dovecot:1.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A8C0C4A-F9DB-4BB7-BFC5-BEC22C3FE40B"
},
{
"criteria": "cpe:2.3:a:dovecot:dovecot:1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8BE860F-A3C2-43E0-BC75-503C437DAADD"
},
{
"criteria": "cpe:2.3:a:dovecot:dovecot:1.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E4E57B06-8650-4374-B643-6FCBE3ABDAF5"
},
{
"criteria": "cpe:2.3:a:dovecot:dovecot:1.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B0384E42-1506-4C08-AA5A-18B2A711C7F0"
},
{
"criteria": "cpe:2.3:a:dovecot:dovecot:1.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F5DC1CE5-50B9-426E-B98A-224DC499AB15"
},
{
"criteria": "cpe:2.3:a:dovecot:dovecot:1.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "350A26D6-A8BA-4125-A640-264E08D28CB0"
},
{
"criteria": "cpe:2.3:a:dovecot:dovecot:1.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "71057F4B-3040-4771-B989-9F3453934AAA"
},
{
"criteria": "cpe:2.3:a:dovecot:dovecot:1.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1730EBB1-4071-4A23-B770-D564AF422273"
},
{
"criteria": "cpe:2.3:a:dovecot:dovecot:1.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "10A27394-E1C7-4EF0-94C8-71D6EA33CE6D"
}
],
"operator": "OR"
}
]
}
]