CVE-2002-2253

NONE EPSS 93.0%
Published Dec 31, 200223y ago · Modified Jun 16, 20262w ago
Find Similar
Published Dec 31, 2002 23y ago
Last Modified Jun 16, 2026 2w ago

Description

Multiple buffer overflows in Cyrus Sieve / libSieve 2.1.2 and earlier allow remote attackers to execute arbitrary code via (1) a long header name, (2) a long IMAP flag, or (3) a script that generates a large number of errors that overflow the resulting error string.

Threat Intelligence

EPSS Exploit Probability
93.0% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety

Affected Products 1

VendorProductVersionRange
cyruslibsieve* ≤2.1.2

References 7

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.