RSS   Vulnerabilities for 'Pigeonhole'   RSS

2019-08-29
 
CVE-2019-11500

CWE-787
 

 
In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 (and Pigeonhole before 0.5.7.2), protocol processing can fail for quoted strings. This occurs because '\0' characters are mishandled, and can lead to out-of-bounds writes and remote code execution.

 

 >>> Vendor: Dovecot 2 Products
Dovecot
Pigeonhole


Copyright 2022, cxsecurity.com

 

Back to Top