CVE-2003-0297
EPSS 0.91%
Description
c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (crash) and possibly execute arbitrary code via certain large (1) literal and (2) mailbox size values that cause either integer signedness errors or integer overflow errors.
How to fix CVE-2003-0297
To remediate CVE-2003-0297, upgrade the affected package to a fixed version below.
- Debian/uw-imap—upgrade to 7:2002c or later
Is CVE-2003-0297 being exploited?
Low — EPSS is 0.9%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 7:2002c