CVE-2008-5514

CWE-119: Buffer Overflow | 9 documents | 7 sources

Severity: 4.3 MEDIUM
EPSS: 0.8% (top 25.79%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 23 | Latest update May 17

Description

Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attackers to cause a denial of service (crash) via an e-mail message that triggers a buffer overflow.

CVSS vector

AV:N/AC:M/C:N/I:N/A:P
Exploitability: 8.6 | Impact: 2.9

Affected Packages (3 packages)

Debian: uw-imap < 2007b~dfsg-1.1+1
Debian: alpine < 2.02-3.1+3

Vulnerability Details (3)

GHSA: GHSA-9m53-2xrc-rq26: Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the... (2022-05-17)
OSV: CVE-2008-5514: Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the... (2008-12-23)
CVEList: CVE-2008-5514: Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the... (2008-12-23)

Vendor Advisories (2)

Red Hat: libc-client: buffer overflow in rfc822_output_char / rfc822_output_data (2008-12-15)
Debian: CVE-2008-5514: alpine - Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines... (2008)

Community (3)

Bugzilla: CVE-2008-5514 libc-client: buffer overflow in rfc822_output_char / rfc822_output_data [fedora-all] (2011-12-26)
Bugzilla: CVE-2008-5514 libc-client: buffer overflow in rfc822_output_char / rfc822_output_data [epel-all] (2011-12-26)
Bugzilla: CVE-2008-5514 libc-client: buffer overflow in rfc822_output_char / rfc822_output_data (2008-12-19)