VYPR
← All advisories
Unrated severityNVD Advisory· Published Mar 21, 2014· Updated May 6, 2026

CVE-2014-2567

CVE-2014-2567

Description

The OpenConnectionTask::handleStateHelper function in Imap/Tasks/OpenConnectionTask.cpp in Trojita before 0.4.1 allows man-in-the-middle attackers to trigger use of cleartext for saving a message into a (1) sent or (2) draft folder via a PREAUTH response that prevents later use of the STARTTLS command.

Affected products

14
  • Trojita Project/Trojita14 versions
    cpe:2.3:a:trojita_project:trojita:*:*:*:*:*:*:*:*+ 13 more
    • cpe:2.3:a:trojita_project:trojita:*:*:*:*:*:*:*:*range: <=0.4
    • cpe:2.3:a:trojita_project:trojita:0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:trojita_project:trojita:0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:trojita_project:trojita:0.2.9:*:*:*:*:*:*:*
    • cpe:2.3:a:trojita_project:trojita:0.2.9.1:*:*:*:*:*:*:*
    • cpe:2.3:a:trojita_project:trojita:0.2.9.2:*:*:*:*:*:*:*
    • cpe:2.3:a:trojita_project:trojita:0.2.9.3:*:*:*:*:*:*:*
    • cpe:2.3:a:trojita_project:trojita:0.2.9.4:*:*:*:*:*:*:*
    • cpe:2.3:a:trojita_project:trojita:0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:trojita_project:trojita:0.3.90:*:*:*:*:*:*:*
    • cpe:2.3:a:trojita_project:trojita:0.3.91:*:*:*:*:*:*:*
    • cpe:2.3:a:trojita_project:trojita:0.3.92:*:*:*:*:*:*:*
    • cpe:2.3:a:trojita_project:trojita:0.3.93:*:*:*:*:*:*:*
    • cpe:2.3:a:trojita_project:trojita:0.3.96:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.