cbcvebase.
CVE-2004-1011
published 2005-01-10

CVE-2004-1011: Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code…

PriorityP341critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
5.84%
92.3th percentile
Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.

Affected

28 ranges· showing 25
VendorProductVersion rangeFixed in
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
conectivalinux
conectivalinux
debiancyrus-imapd
openpkgopenpkg
redhatfedora_core
redhatfedora_core
trustixsecure_linux

CVSS provenance

nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_debian10.0LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.