CVE-2002-2253
NONE EPSS 93.0%
Published Dec 31, 200223y ago · Modified Jun 16, 20262w ago
Published Dec 31, 2002 23y ago
Last Modified Jun 16, 2026 2w ago
Description
Multiple buffer overflows in Cyrus Sieve / libSieve 2.1.2 and earlier allow remote attackers to execute arbitrary code via (1) a long header name, (2) a long IMAP flag, or (3) a script that generates a large number of errors that overflow the resulting error string.
Threat Intelligence
EPSS Exploit Probability
93.0% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| cyrus | libsieve | * | ≤2.1.2 |
References 7
- archives.neohapsis.com http://archives.neohapsis.com/archives/bugtraq/2002-12/0019.html
- securityfocus.com http://www.securityfocus.com/bid/6294
- securityfocus.com http://www.securityfocus.com/bid/6299
- securityfocus.com http://www.securityfocus.com/bid/6300
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/10743
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/10779
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/10780
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.