CVE-2009-3235 – cyrus-impad: CMU sieve buffer overflows

https://notcve.org/view.php?id=CVE-2009-3235

17 Sep 2009 — Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632. Múltiples desbordamientos de búfer basados en pila en el complemento -plugin- Sieve de Dovecot v1.0 anterior a... • http://dovecot.org/list/dovecot-news/2009-September/000135.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •