Vulnerability Description
IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| University Of Washington | Imapd | All versions |
References
- http://marc.info/?l=bugtraq&m=87635124302928&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/349
- http://marc.info/?l=bugtraq&m=87635124302928&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/349
FAQ
What is CVE-1999-1224?
CVE-1999-1224 is a vulnerability with a CVSS score of 3.6 (LOW). IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a ...
How severe is CVE-1999-1224?
CVE-1999-1224 has been rated LOW with a CVSS base score of 3.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-1999-1224?
Check the references section above for vendor advisories and patch information. Affected products include: University Of Washington Imapd.