cbcvebase.
CVE-2004-1067
published 2005-01-10

CVE-2004-1067: Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to…

PriorityP434critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
5.18%
91.4th percentile
Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username.

Affected

21 ranges
VendorProductVersion rangeFixed in
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
carnegie_mellon_universitycyrus_imap_server
redhatfedora_core
redhatfedora_core
ubuntuubuntu_linux
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.