CVE-2002-1311
courier - buffer overflow
EPSS 0.07%
Description
Courier sqwebmail before 0.40.0 does not quickly drop privileges after startup in certain cases, which could allow local users to read arbitrary files.
How to fix CVE-2002-1311
To remediate CVE-2002-1311, upgrade the affected package to a fixed version below.
- Debian/courier—upgrade to 0.40.0-1 or later
- Debian/courier—upgrade to 0.37.3-2.3 or later
Is CVE-2002-1311 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 0.40.0-1
- from 0, < 0.37.3-2.3