CVE-2013-2111

Published: May 27, 2014Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The IMAP functionality in Dovecot before 2.2.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via invalid APPEND parameters.

Affected (9)

Products: Dovecot: Dovecot

1 product

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Dovecot Dovecot	Up to 2.2.1
Dovecot Dovecot	Version 2.2.0
Dovecot Dovecot	Version 2.2 rc1
Dovecot Dovecot	Version 2.2 rc2
Dovecot Dovecot	Version 2.2 rc3
Dovecot Dovecot	Version 2.2 rc4
Dovecot Dovecot	Version 2.2 rc5
Dovecot Dovecot	Version 2.2 rc6
Dovecot Dovecot	Version 2.2 rc7

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (8)

http://secunia.com/advisories/53492

Source: secalert@redhat.com

http://www.dovecot.org/list/dovecot-news/2013-May/000255.html

Source: secalert@redhat.com

PatchVendor Advisory

http://www.openwall.com/lists/oss-security/2013/05/24/1

Source: secalert@redhat.com

http://www.securitytracker.com/id/1028585

Source: secalert@redhat.com

http://secunia.com/advisories/53492

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.dovecot.org/list/dovecot-news/2013-May/000255.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.openwall.com/lists/oss-security/2013/05/24/1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1028585

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.