CVE-2010-0745 — Dovecot vulnerability

CWE-3996 documents6 sources

Severity

5.0MEDIUMNVD

EPSS

1.9%

top 16.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dovecot Debian Dovecot

Timeline

PublishedMay 20

Latest updateMay 2

Description

Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/dovecot< dovecot 1:1.2.11-1 (bookworm)

▶Debiandovecot/dovecot< 1:1.2.11-1+3

▶NVDdovecot/dovecot11 versions+10

Patches

Patch: dovecot.org ↗Patch: dovecot.org ↗

🔴Vulnerability Details

GHSA

GHSA-p8hw-7ch3-xcp2: Unspecified vulnerability in Dovecot 1↗2022-05-02

▶

OSV

CVE-2010-0745: Unspecified vulnerability in Dovecot 1↗2010-05-20

▶

📋Vendor Advisories

Red Hat

Dovecot: DoS (excessive CPU use) by processing email message with huge header↗2010-03-08

▶

Debian

CVE-2010-0745: dovecot - Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers...↗2010

▶

💬Community

Bugzilla

CVE-2010-0745 Dovecot: DoS (excessive CPU use) by processing email message with huge header↗2010-03-10

▶