Vulnerabilities > CMU > Cyrus Imap Server > 2.4.7

DATE CVE VULNERABILITY TITLE RISK
2011-09-14 CVE-2011-3481 Unspecified vulnerability in CMU Cyrus Imap Server
The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message.
network
cmu
4.3
2011-09-14 CVE-2011-3208 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in CMU Cyrus Imap Server
Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command.
network
low complexity
cmu CWE-119
7.5