Format String Vulnerability in GNU Mailutils IMAP4D Server
CVE-2005-2878

Currently unrated

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
13 September 2005

Summary

The GNU Mailutils imap4d server contains a format string vulnerability in the handling of the SEARCH command, allowing remote authenticated users to execute arbitrary code on the server. This flaw arises from improper sanitization of user-supplied format specifiers, which can lead to potentially malicious exploitation. Attackers can exploit this vulnerability by crafting specific search commands, which may lead to unauthorized command execution within the server context.

References

EPSS Score

57% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.