
CVSS: 9.8 | EPSS: 1% | CPEs: 4 | EXPL: 0

A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for remote code execution.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=2028932
https://lists.debian.org/debian-lts-announce/2022/07/msg00001.html
https://security.gentoo.org/glsa/202208-15
https://www.openwall.com/lists/oss-security/2021/12/03/1

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 7.8 | EPSS: 0% | CPEs: 6 | EXPL: 0

A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. This could be plausibly exploited for remote code execution on the client.

References:
http://www.openwall.com/lists/oss-security/2021/06/07/1
https://bugzilla.redhat.com/show_bug.cgi?id=1961710
https://bugzilla.redhat.com/show_bug.cgi?id=1967397
https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug
https://lists.debian.org/debian-lts-announce/2022/07/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RPIDLIJKNRJHUVBCL7QGAPAAVPIHQGXK
https://lists.fedoraproject.org/archives/list/package-announce%40lists

CWE-704: Incorrect Type Conversion or Cast

CVSS: 9.8 | EPSS: 8% | CPEs: 6 | EXPL: 0

A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted mail message that lacks headers (i.e., one that starts with an empty line) to provoke a heap overflow, which could conceivably be exploited for remote code execution.

References:
http://www.openwall.com/lists/oss-security/2021/12/03/2
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999804
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CYZ2GNB4ZO2T27D2XNUWMCS3THZYSJQU
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LCBSY7OZ57XNC6ZYXF6WU5KBSWITZVDX
https://security.gentoo.org/glsa/202208-15
https://sourceforge.net/p/isync/isync/commit_browser
https://sourceforge.net/p/isync/isync/ref/master/ta

CWE-787: Out-of-bounds Write

CVSS: 4.3 | EPSS: 0% | CPEs: 11 | EXPL: 0

Isync 0.4 before 1.0.6 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

References:
http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099544.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099547.html
http://secunia.com/advisories/55190
http://security.gentoo.org/glsa/glsa-201310-02.xml
http://sourceforge.net/p/isync/isync/ci/914ede18664980925628a9ed2a73ad05f85aeedb
http://sourceforge.net/projects/isync/files/isync/1.0.6
http://www.openwall.com/lists/oss-security/2013/02/20/9
http://www.securityfocus.com/bid/57423
https://exc

CWE-310: Cryptographic Issues