Description
c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (crash) and possibly execute arbitrary code via certain large (1) literal and (2) mailbox size values that cause either integer signedness errors or integer overflow errors.
CVSS Metrics
- Vector
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- Access Vector
- network
- Access Cmplx
- low
- Auth
- none
- Confidentiality
- partial
- Integrity
- partial
- Availability
- partial
- Weaknesses
- NVD-CWE-Other
Metadata
- Primary Vendor
- UNIVERSITY_OF_WASHINGTON
- Published
- 6/16/2003
- Last Modified
- 4/3/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
university_of_washington : c-clientuniversity_of_washington : imap-2002buniversity_of_washington : pine
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.