cbcvebase.
CVE-2015-8078
published 2015-12-03

CVE-2015-8078: Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via…

PriorityP338high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
2.75%
84.4th percentile
Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the section_offset variable. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8076.

Affected

43 ranges· showing 25
VendorProductVersion rangeFixed in
cyrusimap
cyrusimap
cyrusimap
cyrusimap
cyrusimap
cyrusimap
cyrusimap
cyrusimap
cyrusimap
cyrusimap
cyrusimap
cyrusimap
cyrusimap
cyrusimap
cyrusimap
cyrusimap
cyrusimap
cyrusimap
cyrusimap
cyrusimap
cyrusimap
cyrusimap
cyrusimap
cyrusimap
cyrusimap

CVSS provenance

nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.