CVE-2004-1011

NONE EPSS 92.3%
Published Jan 10, 200521y ago · Modified Jun 16, 20262w ago
Find Similar
Published Jan 10, 2005 21y ago
Last Modified Jun 16, 2026 2w ago

Description

Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.

Threat Intelligence

EPSS Exploit Probability
92.3% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Affected Products 23

VendorProductVersionRange
carnegie_mellon_universitycyrus_imap_server2.1.7any
carnegie_mellon_universitycyrus_imap_server2.1.9any
carnegie_mellon_universitycyrus_imap_server2.1.10any
carnegie_mellon_universitycyrus_imap_server2.1.16any
carnegie_mellon_universitycyrus_imap_server2.2.0_alphaany
carnegie_mellon_universitycyrus_imap_server2.2.1_betaany
carnegie_mellon_universitycyrus_imap_server2.2.2_betaany
carnegie_mellon_universitycyrus_imap_server2.2.3any
carnegie_mellon_universitycyrus_imap_server2.2.4any
carnegie_mellon_universitycyrus_imap_server2.2.5any
carnegie_mellon_universitycyrus_imap_server2.2.6any
carnegie_mellon_universitycyrus_imap_server2.2.7any
carnegie_mellon_universitycyrus_imap_server2.2.8any
openpkgopenpkgcurrentany
conectivalinux9.0any
conectivalinux10.0any
redhatfedora_corecore_2.0any
redhatfedora_corecore_3.0any
trustixsecure_linux2.0any
trustixsecure_linux2.1any
trustixsecure_linux2.2any
ubuntuubuntu_linux4.1any
ubuntuubuntu_linux4.1any

References 8

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.