CVE-2003-0297
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (crash) and possibly execute arbitrary code via certain large (1) literal and (2) mailbox size values that cause either integer signedness errors or integer overflow errors.
El cliente IMAP, usado en imap-2002b y Pine 4.53, permite que servidores IMAP dañinos originen una denegación de servicio (caída) y posiblemente ejecuten código arbitrario mediante ciertos valores de mailbox deamasiado grandes (lo que causa un desbordamiento de búfer de enteros).
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2003-05-14 CVE Reserved
- 2003-05-15 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://marc.info/?l=bugtraq&m=105294024124163&w=2 | Mailing List |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.redhat.com/support/errata/RHSA-2005-015.html | 2018-10-19 | |
| http://www.redhat.com/support/errata/RHSA-2005-114.html | 2018-10-19 | |
| http://www.securityfocus.com/archive/1/430302/100/0/threaded | 2018-10-19 | |
| https://access.redhat.com/security/cve/CVE-2003-0297 | 2005-02-18 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1617017 | 2005-02-18 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| University Of Washington Search vendor "University Of Washington" | C-client Search vendor "University Of Washington" for product "C-client" | * | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Imap-2002b Search vendor "University Of Washington" for product "Imap-2002b" | * | - |
Affected
| ||||||
| University Of Washington Search vendor "University Of Washington" | Pine Search vendor "University Of Washington" for product "Pine" | 4.53 Search vendor "University Of Washington" for product "Pine" and version "4.53" | - |
Affected
| ||||||