CVE-2002-1580
cyrus-imapd - buffer overflow
EPSS 47.8%
Description
Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347.
How to fix CVE-2002-1580
To remediate CVE-2002-1580, upgrade the affected package to a fixed version below.
- Debian/cyrus-imapd—upgrade to 1.5.19-9.10 or later
- Debian/cyrus-imapd—upgrade to 1.5.19-9.1 or later
Is CVE-2002-1580 being exploited?
Moderate — EPSS is 47.8%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 1.5.19-9.10
- from 0, < 1.5.19-9.1