Vulnerability Description
Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via long arguments to the (1) EXAMINE, (2) SUBSCRIBE, (3) STATUS, (4) APPEND, (5) CHECK, (6) CLOSE, (7) EXPUNGE, (8) FETCH, (9) RENAME, (10) DELETE, (11) LIST, (12) SEARCH, (13) CREATE, or (14) UNSUBSCRIBE commands.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| David Harris | Mercury | 4.0.1a |
Related Weaknesses (CWE)
References
- http://home.kabelfoon.nl/~jaabogae/han/m_401b.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/029701.html
- http://marc.info/?l=bugtraq&m=110193702909991&w=2
- http://secunia.com/advisories/13348Vendor Advisory
- http://www.osvdb.org/12508
- http://www.securityfocus.com/bid/11775ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18318
- http://home.kabelfoon.nl/~jaabogae/han/m_401b.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/029701.html
- http://marc.info/?l=bugtraq&m=110193702909991&w=2
- http://secunia.com/advisories/13348Vendor Advisory
- http://www.osvdb.org/12508
- http://www.securityfocus.com/bid/11775ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18318
FAQ
What is CVE-2004-1211?
CVE-2004-1211 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via long argumen...
How severe is CVE-2004-1211?
CVE-2004-1211 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1211?
Check the references section above for vendor advisories and patch information. Affected products include: David Harris Mercury.