vulnerability
Oracle Linux: CVE-2019-11356: ELSA-2019-1771: cyrus-imapd security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:H/Au:N/C:P/I:P/A:P) | 2019-06-04 | 2024-07-22 | 2025-01-07 |
Severity
5
CVSS
(AV:N/AC:H/Au:N/C:P/I:P/A:P)
Published
2019-06-04
Added
2024-07-22
Modified
2025-01-07
Description
The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.
A flaw was found in the CalDAV feature in httpd in Cyrus IMAP. This flaw allows a remote attacker to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.
A flaw was found in the CalDAV feature in httpd in Cyrus IMAP. This flaw allows a remote attacker to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.
Solution(s)
oracle-linux-upgrade-cyrus-imapdoracle-linux-upgrade-cyrus-imapd-utilsoracle-linux-upgrade-cyrus-imapd-vzic
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.