vulnerability
Oracle Linux: CVE-2019-11356: ELSA-2019-1771: cyrus-imapd security update (IMPORTANT) (Multiple Advisories)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
5 | (AV:N/AC:H/Au:N/C:P/I:P/A:P) | 06/04/2019 | 07/22/2024 | 01/07/2025 |
Severity
5
CVSS
(AV:N/AC:H/Au:N/C:P/I:P/A:P)
Published
06/04/2019
Added
07/22/2024
Modified
01/07/2025
Description
The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.
A flaw was found in the CalDAV feature in httpd in Cyrus IMAP. This flaw allows a remote attacker to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.
A flaw was found in the CalDAV feature in httpd in Cyrus IMAP. This flaw allows a remote attacker to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.
Solution(s)
oracle-linux-upgrade-cyrus-imapdoracle-linux-upgrade-cyrus-imapd-utilsoracle-linux-upgrade-cyrus-imapd-vzic

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.