Unrated severityNVD Advisory· Published Dec 23, 2008· Updated Apr 23, 2026
CVE-2008-5514
CVE-2008-5514
Description
Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attackers to cause a denial of service (crash) via an e-mail message that triggers a buffer overflow.
Affected products
37cpe:2.3:a:university_of_washington:imap:*:*:*:*:*:*:*:*+ 36 more
- cpe:2.3:a:university_of_washington:imap:*:*:*:*:*:*:*:*range: <=2007d
- cpe:2.3:a:university_of_washington:imap:2000:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2000a:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2000b:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2000c:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2001:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2001a:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2002:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2002a:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2002b:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2002c:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2002d:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2002e:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2002f:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2004:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2004a:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2004b:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2004c:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2004d:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2004e:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2004f:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2004g:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2006:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2006a:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2006b:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2006c:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2006d:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2006e:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2006f:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2006g:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2006h:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2006i:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2006j:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2006k:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2007:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2007a:*:*:*:*:*:*:*
- cpe:2.3:a:university_of_washington:imap:2007b:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- secunia.com/advisories/33275nvd
- secunia.com/advisories/33638nvd
- securitytracker.com/idnvd
- www.mandriva.com/security/advisoriesnvd
- www.securityfocus.com/bid/32958nvd
- www.vupen.com/english/advisories/2008/3490nvd
- www.washington.edu/imap/documentation/RELNOTES.htmlnvd
- bugzilla.redhat.com/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/47526nvd
- www.redhat.com/archives/fedora-package-announce/2009-January/msg00846.htmlnvd
News mentions
0No linked articles in our index yet.