cbcvebase.
CVE-2008-5514
published 2008-12-23

CVE-2008-5514: Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP…

PriorityP415medium4.3CVSS 2.0
AVNACMAuNCNINAP
EPSS
1.76%
75.3th percentile
Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attackers to cause a denial of service (crash) via an e-mail message that triggers a buffer overflow.

Affected

43 ranges· showing 25
VendorProductVersion rangeFixed in
alpine_projectalpine>= 0 < 2.02-3.12.02-3.1
alpine_projectalpine>= 0 < 2.02-3.12.02-3.1
alpine_projectalpine>= 0 < 2.02-3.12.02-3.1
alpine_projectalpine>= 0 < 2.02-3.12.02-3.1
debianalpine< alpine 2.02-3.1 (bookworm)alpine 2.02-3.1 (bookworm)
debianuw-imap< alpine 2.02-3.1 (bookworm)alpine 2.02-3.1 (bookworm)
university_of_washingtonimap<= 2007d
university_of_washingtonimap
university_of_washingtonimap
university_of_washingtonimap
university_of_washingtonimap
university_of_washingtonimap
university_of_washingtonimap
university_of_washingtonimap
university_of_washingtonimap
university_of_washingtonimap
university_of_washingtonimap
university_of_washingtonimap
university_of_washingtonimap
university_of_washingtonimap
university_of_washingtonimap
university_of_washingtonimap
university_of_washingtonimap
university_of_washingtonimap
university_of_washingtonimap

CVSS provenance

nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM
vendor_debian4.3LOW
vendor_redhat4.3MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.