The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2008-11-04T00:00:00
Updated: 2017-08-07T12:57:01
Reserved: 2008-11-03T00:00:00
Link: CVE-2008-4907
JSON object: View
NVD Information
Status : Modified
Published: 2008-11-04T00:58:40.277
Modified: 2017-08-08T01:32:59.373
Link: CVE-2008-4907
JSON object: View
Redhat Information
No data.
CWE