CVE-2010-4532

Published: Nov 13, 2019

Modified: Aug 7, 2024

PUBLISHED

Description

offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which can allow man-in-the-middle attacks.

Vendor	Product	Versions
offlineimap	offlineimap	affected `before 6.3.2`

References

https://security-tracker.debian.org/tracker/CVE-2010-4532

x_refsource_MISC

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4532

x_refsource_MISC

https://access.redhat.com/security/cve/cve-2010-4532

x_refsource_MISC

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=603450

x_refsource_MISC

https://www.openwall.com/lists/oss-security/2010/12/23/2

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2010-4532

Description

Affected Products

References