CVE-2018-0684

CRITICAL

Denbun POP < V3.3P R3.0 and Denbun IMAP < V3.3I R3.0 - Remote Code Execution via Multipart/Form-Data

Title source: llm
STIX 2.1

Description

Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R3.0 and earlier, Denbun IMAP version V3.3I R3.0 and earlier) allows remote attackers to execute arbitrary code or cause a denial-of-service (DoS) condition via multipart/form-data format data.

References (3)

Core 3
Core References
Third Party Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN00344155/index.html

Scores

CVSS v3 9.8
EPSS 0.0358
EPSS Percentile 88.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (2)
neo/debun_imap < 3.3i_r4.0
neo/debun_pop < 3.3p_r4.0
Published Nov 15, 2018
Tracked Since Feb 18, 2026