Integer Overflow in index_urlfetch function in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6
CVE-2015-8078 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the section_offset variable. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8076.
Learn more about our Web Application Penetration Testing UK.