CVE-2003-0300 - Vulnerability Details - OpenCVE

The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Outlook Express
Mozilla	Mozilla
Mutt	Mutt
Qualcomm	Eudora
Stuart Parmenter	Balsa
Sylpheed	Sylpheed Email Client
University Of Washington	Pine
Ximian	Evolution

Configuration 1 [-]

OR	cpe:2.3:a:microsoft:outlook_express:6.00.2800.1106:::::::*
	cpe:2.3:a:mozilla:mozilla:1.3:::::::*
	cpe:2.3:a:mozilla:mozilla:1.4:alpha::::::
	cpe:2.3:a:mutt:mutt:1.4.1:::::::*
	cpe:2.3:a:qualcomm:eudora:5.2.1:::::::*
	cpe:2.3:a:stuart_parmenter:balsa:2.0.10:::::::*
	cpe:2.3:a:sylpheed:sylpheed_email_client:0.8.11:::::::*
	cpe:2.3:a:university_of_washington:pine:4.53:::::::*
	cpe:2.3:a:ximian:evolution:1.2.4:::::::*

No data.

References

Link	Providers
http://marc.info/?l=bugtraq&m=105294024124163&w=2

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2003-05-15T04:00:00

Updated: 2024-08-08T01:50:47.085Z

Reserved: 2003-05-14T00:00:00

Link: CVE-2003-0300

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2003-06-16T04:00:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2003-0300

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2003-05-14T00:00:00", "descriptions": [{"lang": "en", "value": "The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20030514 Buffer overflows in multiple IMAP clients", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=105294024124163&w=2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0300", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20030514 Buffer overflows in multiple IMAP clients", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=105294024124163&w=2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T01:50:47.085Z"}, "title": "CVE Program Container", "references": [{"name": "20030514 Buffer overflows in multiple IMAP clients", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=105294024124163&w=2"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0300", "datePublished": "2003-05-15T04:00:00", "dateReserved": "2003-05-14T00:00:00", "dateUpdated": "2024-08-08T01:50:47.085Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:outlook_express:6.00.2800.1106:*:*:*:*:*:*:*", "matchCriteriaId": "7B6C3153-39B0-4C14-B414-01BE10D8742E", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:mozilla:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "C656A621-BE62-4BB8-9B25-A3916E60FA12", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:mozilla:1.4:alpha:*:*:*:*:*:*", "matchCriteriaId": "82A6419D-0E94-4D80-8B07-E5AB4DBA2F28", "vulnerable": true}, {"criteria": "cpe:2.3:a:mutt:mutt:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "65DB0D49-CD49-4EF6-9013-1B03E0D644D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:qualcomm:eudora:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D64909E5-6E9A-4873-B23C-C825B5CDBAAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:stuart_parmenter:balsa:2.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "1A86E91A-CAEA-4580-913C-DF610DEABF27", "vulnerable": true}, {"criteria": "cpe:2.3:a:sylpheed:sylpheed_email_client:0.8.11:*:*:*:*:*:*:*", "matchCriteriaId": "CED27A6B-FDDB-4729-8E98-86C062357E68", "vulnerable": true}, {"criteria": "cpe:2.3:a:university_of_washington:pine:4.53:*:*:*:*:*:*:*", "matchCriteriaId": "C8E05D27-10F6-43CF-B7E9-73A82DE02953", "vulnerable": true}, {"criteria": "cpe:2.3:a:ximian:evolution:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "C9A844BF-30CC-4289-81C4-1161FDEBC345", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors."}, {"lang": "es", "value": "El cliente IMAP para Sylpheed 0.8.11 permite que servidores IMAP remotos da\u00f1inos originen una denegaci\u00f3n de servicio (ca\u00edda) mediante ciertos tama\u00f1os literales muy largos que causan desbordamientos de b\u00fafer de enteros."}], "id": "CVE-2003-0300", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2003-06-16T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=105294024124163&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=105294024124163&w=2"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}