Vulnerability Description
c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (crash) and possibly execute arbitrary code via certain large (1) literal and (2) mailbox size values that cause either integer signedness errors or integer overflow errors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| University Of Washington | C-Client | All versions |
| University Of Washington | Imap-2002B | All versions |
| University Of Washington | Pine | 4.53 |
References
- http://marc.info/?l=bugtraq&m=105294024124163&w=2
- http://www.redhat.com/support/errata/RHSA-2005-015.html
- http://www.redhat.com/support/errata/RHSA-2005-114.html
- http://www.securityfocus.com/archive/1/430302/100/0/threaded
- http://marc.info/?l=bugtraq&m=105294024124163&w=2
- http://www.redhat.com/support/errata/RHSA-2005-015.html
- http://www.redhat.com/support/errata/RHSA-2005-114.html
- http://www.securityfocus.com/archive/1/430302/100/0/threaded
FAQ
What is CVE-2003-0297?
CVE-2003-0297 is a vulnerability with a CVSS score of 7.5 (HIGH). c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (crash) and possibly execute arbitrary code via certain large (1) literal a...
How severe is CVE-2003-0297?
CVE-2003-0297 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0297?
Check the references section above for vendor advisories and patch information. Affected products include: University Of Washington C-Client, University Of Washington Imap-2002B, University Of Washington Pine.