VYPR

rpm package

suse/cyrus-imapd&distro=SUSE Linux Enterprise Server 12 SP1

pkg:rpm/suse/cyrus-imapd&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1

Vulnerabilities (6)

  • CVE-2015-8079MedSep 7, 2017
    affected < 2.3.18-40.1fixed 2.3.18-40.1

    qt5-qtwebkit before 5.4 records private browsing URLs to its favicon database, WebpageIcons.db.

  • CVE-2016-6354CriSep 21, 2016
    affected < 2.3.18-40.1fixed 2.3.18-40.1

    Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read.

  • CVE-2015-8078Dec 3, 2015
    affected < 2.3.18-37.1fixed 2.3.18-37.1

    Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the section_offset variable. NOTE: this vulnerability exists because of an

  • CVE-2015-8077Dec 3, 2015
    affected < 2.3.18-37.1fixed 2.3.18-37.1

    Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the start_octet variable. NOTE: this vulnerability exists because of an inc

  • CVE-2015-8076Dec 3, 2015
    affected < 2.3.18-37.1fixed 2.3.18-37.1

    The index_urlfetch function in index.c in Cyrus IMAP 2.3.x before 2.3.19, 2.4.x before 2.4.18, 2.5.x before 2.5.4 allows remote attackers to obtain sensitive information or possibly have unspecified other impact via vectors related to the urlfetch range, which triggers an out-of-

  • CVE-2014-3566LowOct 15, 2014
    affected < 2.3.18-37.1fixed 2.3.18-37.1

    The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.