Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character is out of BMP range."
2004-04-15T04:00:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | double_precision_incorporated | courier_mta | 0.43 | Yes |
| Application | double_precision_incorporated | courier_mta | 0.43.1 | Yes |
| Application | double_precision_incorporated | courier_mta | 0.43.2 | Yes |
| Application | double_precision_incorporated | courier_mta | 0.44 | Yes |
| Application | double_precision_incorporated | courier_mta | 0.44.2 | Yes |
| Application | double_precision_incorporated | sqwebmail | 3.5.2 | Yes |
| Application | double_precision_incorporated | sqwebmail | 3.5.3 | Yes |
| Application | double_precision_incorporated | sqwebmail | 3.6.1 | Yes |
| Application | double_precision_incorporated | sqwebmail | 3.6.2 | Yes |
| Application | double_precision_incorporated | sqwebmail | 3.6_.0 | Yes |
| Application | inter7 | courier-imap | 1.6 | Yes |
| Application | inter7 | courier-imap | 1.7 | Yes |
| Application | inter7 | courier-imap | 2.0.0 | Yes |
| Application | inter7 | courier-imap | 2.1 | Yes |
| Application | inter7 | courier-imap | 2.1.1 | Yes |
| Application | inter7 | courier-imap | 2.1.2 | Yes |
| Application | inter7 | courier-imap | 2.2.0 | Yes |
| Application | inter7 | courier-imap | 2.2.1 | Yes |
| Operating System | gentoo | linux | 1.4 | Yes |
| Operating System | gentoo | linux | 1.4 | Yes |
| Operating System | gentoo | linux | 1.4 | Yes |
| Operating System | gentoo | linux | 1.4 | Yes |