CVE-2015-8076

The index_urlfetch function in index.c in Cyrus IMAP 2.3.x before 2.3.19, 2.4.x before 2.4.18, 2.5.x before 2.5.4 allows remote attackers to obtain sensitive information or possibly have unspecified other impact via vectors related to the urlfetch range, which triggers an out-of-bounds heap read.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:cyrus:imap:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.3.4:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.3.5:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.3.6:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.3.7:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.3.8:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.3.9:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.3.10:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.3.11:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.3.12:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.3.13:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.3.14:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.3.15:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.3.16:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.3.17:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.3.18:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.4.7:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.4.8:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.4.9:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.4.10:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.4.11:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.4.12:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.4.13:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.4.14:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.4.15:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.4.16:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.4.17:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:cyrus:imap:2.5.3:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-12-03 20:59

Updated : 2024-02-04 18:53


NVD link : CVE-2015-8076

Mitre link : CVE-2015-8076

CVE.ORG link : CVE-2015-8076


JSON object : View

Products Affected

cyrus

  • imap

opensuse

  • opensuse
  • leap
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor