Description
The index_urlfetch function in index.c in Cyrus IMAP 2.3.x before 2.3.19, 2.4.x before 2.4.18, and 2.5.x before 2.5.4 allows remote attackers to obtain sensitive information or possibly have unspecified other impact via vectors related to the urlfetch range, which triggers an out-of-bounds heap read.
References (12)
Core References
Various Sources (x_refsource_confirm): https://docs.cyrus.foundation/imap/release-notes/2.3/x/2.3.19.html
Vendor Advisory (x_refsource_confirm): https://docs.cyrus.foundation/imap/release-notes/2.4/x/2.4.18.html
Mailing List (vendor-advisory, x_refsource_suse): http://lists.opensuse.org/opensuse-updates/2015-09/msg00038.html
Vendor Advisory (x_refsource_confirm): https://docs.cyrus.foundation/imap/release-notes/2.5/x/2.5.4.html
Mailing List (mailing-list, x_refsource_mlist): http://www.openwall.com/lists/oss-security/2015/11/04/3
Mailing List (vendor-advisory, x_refsource_suse): http://lists.opensuse.org/opensuse-updates/2015-09/msg00037.html
Patch (x_refsource_confirm): https://cyrus.foundation/cyrus-imapd/commit/?id=07de4ff1bf2fa340b9d77b8e7de8d43d47a33921
Mailing List (mailing-list, x_refsource_mlist): http://www.openwall.com/lists/oss-security/2015/09/30/3
Mailing List (vendor-advisory, x_refsource_suse): http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html
Mailing List (vendor-advisory, x_refsource_suse): http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html
Mailing List (mailing-list, x_refsource_mlist): http://www.openwall.com/lists/oss-security/2015/09/29/2
Vendor Advisory (x_refsource_confirm): https://cyrus.foundation/cyrus-imapd/commit/?id=c21e179c1f6b968fe69bebe079176714e511587b
Scores
EPSS: 0.0263
EPSS Percentile: 85.9%
Details
CWE: CWE-119, CWE-200
Status: published
Products (43)
cyrus/imap 2.3.0
cyrus/imap 2.3.1
cyrus/imap 2.3.2
cyrus/imap 2.3.3
cyrus/imap 2.3.4
cyrus/imap 2.3.5
cyrus/imap 2.3.6
cyrus/imap 2.3.7
cyrus/imap 2.3.8
cyrus/imap 2.3.9
... and 33 more
Published: Dec 03, 2015
Tracked Since: Feb 18, 2026