← Back

CVE-2004-0777

nvd nist
Published: Oct 20, 2004Modified: Apr 16, 2026

JSON object

Loading...
7.5
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 10.0 / Impact: 6.4
Source: NVD

Description

Format string vulnerability in the auth_debug function in Courier-IMAP 1.6.0 through 2.2.1 and 3.x through 3.0.3, when login debugging (DEBUG_LOGIN) is enabled, allows remote attackers to execute arbitrary code.

Affected (8)

Products: Inter7: Courier Imap
Inter7
1 product
Courier Imap
Configuration A
8 vulnerable
Vulnerable SoftwareAffected Versions
Inter7
Courier Imap
Version 1.6
Courier Imap
Version 1.7
Courier Imap
Version 2.0.0
Courier Imap
Version 2.1.1
Courier Imap
Version 2.1.2
Courier Imap
Version 2.1
Courier Imap
Version 2.2.0
Courier Imap
Version 2.2.1

Related CWEs

CWE-134
Use of Externally-Controlled Format String
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

References (10)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.