Format String Vulnerability in GNU Mailutils IMAP4D Server
CVE-2005-2878
Currently unrated
Summary
The GNU Mailutils imap4d server contains a format string vulnerability in the handling of the SEARCH command, allowing remote authenticated users to execute arbitrary code on the server. This flaw arises from improper sanitization of user-supplied format specifiers, which can lead to potentially malicious exploitation. Attackers can exploit this vulnerability by crafting specific search commands, which may lead to unauthorized command execution within the server context.
References
EPSS Score
57% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved