CVE-2017-12843

Published: Aug 22, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

Cyrus IMAP before 3.0.3 allows remote authenticated users to write to arbitrary files via a crafted (1) SYNCAPPLY, (2) SYNCGET or (3) SYNCRESTORE command.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/cyrusimap/cyrus-imapd/commit/5edadcfb83bf27107578830801817f9e6d0ad941

x_refsource_CONFIRM

https://www.cyrusimap.org/imap/download/release-notes/3.0/x/3.0.3.html

x_refsource_CONFIRM

https://github.com/cyrusimap/cyrus-imapd/commit/53c4137bd924b954432c6c59da7572c4c5ffa901

x_refsource_CONFIRM

FEDORA-2017-f8f4cd5b67

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-12843

Description

Affected Products

References