VYPR
← All advisories
Unrated severityNVD Advisory· Published Apr 15, 2004· Updated Apr 16, 2026

CVE-2004-0224

CVE-2004-0224

Description

Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character is out of BMP range."

Affected products

22
  • Double Precision Incorporated/Courier Mta5 versions
    cpe:2.3:a:double_precision_incorporated:courier_mta:0.43:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:double_precision_incorporated:courier_mta:0.43:*:*:*:*:*:*:*
    • cpe:2.3:a:double_precision_incorporated:courier_mta:0.43.1:*:*:*:*:*:*:*
    • cpe:2.3:a:double_precision_incorporated:courier_mta:0.43.2:*:*:*:*:*:*:*
    • cpe:2.3:a:double_precision_incorporated:courier_mta:0.44:*:*:*:*:*:*:*
    • cpe:2.3:a:double_precision_incorporated:courier_mta:0.44.2:*:*:*:*:*:*:*
  • Double Precision Incorporated/Sqwebmail5 versions
    cpe:2.3:a:double_precision_incorporated:sqwebmail:3.5.2:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:double_precision_incorporated:sqwebmail:3.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:double_precision_incorporated:sqwebmail:3.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:double_precision_incorporated:sqwebmail:3.6_.0:*:*:*:*:*:*:*
    • cpe:2.3:a:double_precision_incorporated:sqwebmail:3.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:double_precision_incorporated:sqwebmail:3.6.2:*:*:*:*:*:*:*
  • Inter7/Courier IMAP8 versions
    cpe:2.3:a:inter7:courier-imap:1.6:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:inter7:courier-imap:1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:inter7:courier-imap:1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:inter7:courier-imap:2.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:inter7:courier-imap:2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:inter7:courier-imap:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:inter7:courier-imap:2.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:inter7:courier-imap:2.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:inter7:courier-imap:2.2.1:*:*:*:*:*:*:*
  • Gentoo/Linux4 versions
    cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*
    • cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*
    • cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*
    • cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.