Loading
Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the start_octet variable. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8076.
Use CWE-189, Cyrus vendor hub and Imap product page to widen CVE-2015-8077 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2019-18928, CVE-2019-11356 and CVE-2017-14230 for nearby disclosures in the same product family.