Oval Definition:	oval:org.opensuse.security:def:20092632
Revision Date: 2017-09-27 Version: 1 Title: CVE-2009-2632 Description: Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error. Family: unix Class: vulnerability Status: Reference(s): CVE-2009-2632 Platform(s): Novell Linux Desktop 9 for x86 Novell Linux Desktop 9 for x86_64 Open Enterprise Server openSUSE 10.3 openSUSE 11.0 openSUSE 11.1 SUSE Linux Enterprise SDK 10 SP2 SUSE Linux Enterprise SDK 11 GA SUSE Linux Enterprise Server 11 GA Product(s): Definition Synopsis sles10-sp2-sdk is installed AND Package Information cyrus-imapd-devel less than 2.2.12-27.13.2 OR cyrus-imapd less than 2.2.12-27.13.2 OR perl-Cyrus-IMAP less than 2.2.12-27.13.2 OR perl-Cyrus-SIEVE-managesieve less than 2.2.12-27.13.2
BACK