NULL Pointer Dereference Vulnerability in Dovecot Submission

NULL Pointer Dereference Vulnerability in Dovecot Submission

CVE-2020-10957 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

In Dovecot before 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login, submission, or lmtp.

Learn more about our Web Application Penetration Testing UK.