IMAP Buffer Overflow

HIGH (10.0) No Patch (10009 days)
buffer-overflowimapprotocol-vulnerabilityremote-exploitationsun

Threat Intelligence

⚠️ CRITICAL GAP - Exploits exist but no detection available
EPSS Score: 13.65% chance of exploitation (percentile: 94%)
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: Exploit-DB

How we test →

What is it?

The IMAP protocol is a widely used email protocol that allows remote access to email servers. This vulnerability exists in the authenticate command of the IMAP protocol, allowing an attacker to execute arbitrary commands on the server by overflowing the buffer used for input validation.

Am I affected?

You're affected if you use Arbitrary command execution via IMAP buffer overflow. Specific version info not stated in the advisory. If you don't recognise this software, you're probably not affected.

Affected Products

Not specified ( likely a specific IMAP implementation) / Not specified

How to fix

To fix this vulnerability, contact the vendor directly for a patched version. Immediate mitigations include:

  • Restrict network access to your email server (firewall it from the public internet)
  • Audit authentication logs for suspicious activity patterns

References