Isync Project Isync vulnerabilities
5 known vulnerabilities affecting isync_project/isync.
Total CVEs: 5
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 2, HIGH 2, MEDIUM 1
Vulnerabilities
CVE-2021-3657 | CRITICAL | CVSS 9.8 | CWE-119 | fixed in 1.4.4 | visync 1.4.4 | 2022-02-18
A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for remote code execution.
Sources: cvelistv5, nvd, osv
CVE-2021-3578 | HIGH | CVSS 7.8 | CWE-704 | fixed in 1.3.6 | v1.4.0 +2 more | 2022-02-16
A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. This could be plausibly exploited for remote code execution on the client.
Sources: cvelistv5, nvd, osv
CVE-2021-44143 | CRITICAL | CVSS 9.8 | CWE-787 | ≥ 1.4.0, ≤ 1.4.3 | 2021-11-22
A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted mail message that lacks headers (i.e., one that starts with an empty line) to provoke a heap overflow, which could conceivably be exploited for remote code execution.
Sources: nvd, osv
CVE-2021-20247 | HIGH | CVSS 7.4 | ≥ 0, < 1.3.0-2.1 | 2021-02-23
A flaw was found in mbsync before v1.3.5 and v1.4.1. Validations of the mailbox names returned by IMAP LIST/LSUB do not occur, allowing a malicious or compromised server to use specially crafted mailbox names containing '..' path components to access data outside the designated mailbox on the opposite end of the synchronization channel. The highest threat from this vulnerability is to data confidentiality and integrity.
Sources: osv
CVE-2013-0289 | MEDIUM | CVSS 4.3 | CWE-310 | v0.4, v0.5 +9 more | 2014-05-23
Isync 0.4 before 1.0.6 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
Sources: nvd, osv