Vulnerabilities > Dovecot > Dovecot > 2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-05-24 | CVE-2011-1929 | Improper Input Validation vulnerability in Dovecot lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message. | 5.0 |
| 2010-10-06 | CVE-2010-3779 | Permissions, Privileges, and Access Controls vulnerability in Dovecot Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox. | 3.5 |