CVE-2005-1523

Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via format string specifiers in the command tag for IMAP commands.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.idefense.com/application/poi/display?id=246&type=vulnerabilities	Patch
http://www.securityfocus.com/bid/13764	Patch
http://secunia.com/advisories/15442	Vendor Advisory
http://www.debian.org/security/2005/dsa-732
http://securitytracker.com/id?1014052

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:gnu:mailutils:0.5:::::::*
	cpe:2.3:a:gnu:mailutils:0.6:::::::*

Information

Published : 2005-05-25 21:00

Updated : 2008-09-05 13:49

NVD link : CVE-2005-1523

Mitre link : CVE-2005-1523

JSON object : View

CWE

NVD-CWE-Other

Products Affected

gnu

mailutils

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.idefense.com/application/poi/display?id=246&type=vulnerabilities", "name": "20050525 GNU Mailutils 0.6 imap4d Format String Vulnerability", "tags": ["Patch"], "refsource": "IDEFENSE"}, {"url": "http://www.securityfocus.com/bid/13764", "name": "13764", "tags": ["Patch"], "refsource": "BID"}, {"url": "http://secunia.com/advisories/15442", "name": "15442", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.debian.org/security/2005/dsa-732", "name": "DSA-732", "tags": [], "refsource": "DEBIAN"}, {"url": "http://securitytracker.com/id?1014052", "name": "1014052", "tags": [], "refsource": "SECTRACK"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via format string specifiers in the command tag for IMAP commands."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2005-1523", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2005-05-26T04:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:gnu:mailutils:0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:mailutils:0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2008-09-05T20:49Z"}

7.5 /10