CVE-2010-4011Sensitive Information Exposure in Apple MAC OS X Server

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
4.0MEDIUMNVD
EPSS
0.2%
top 63.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple MAC OS X Server
Timeline
PublishedNov 17
Latest updateMay 17

Description

Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-7mf7-jpv7-pq9x: Dovecot in Apple Mac OS X 102022-05-17
CVEList
CVE-2010-4011: Dovecot in Apple Mac OS X 102010-11-16

📋Vendor Advisories

1
Debian
CVE-2010-4011: dovecot - Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user...2010
CVE-2010-4011 — Sensitive Information Exposure in Apple | cvebase