vulnerability
FreeBSD: VID-B7DC4DDE-2E48-43F9-967A-C68461537CF2 (CVE-2019-19722): dovecot -- null pointer deref in notify with empty headers
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Dec 10, 2019 | Dec 14, 2019 | Jan 22, 2020 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Dec 10, 2019
Added
Dec 14, 2019
Modified
Jan 22, 2020
Description
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
From VID-B7DC4DDE-2E48-43F9-967A-C68461537CF2:
Aki Tuomi reports
Mail with group address as sender will cause a signal 11 crash in push
notification drivers. Group address as recipient can cause crash in some
drivers.
Solution
freebsd-upgrade-package-dovecot
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.