CVE-2010-3304

EPSS 1.7%

Published: 9/24/2010Modified: 4/28/2026

Also known as:DEBIAN-CVE-2010-3304

Description

The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.

Affected packages (1)

Debian/dovecotfrom 0, < 1.2.13-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-3304