CVE-2005-2933

Name of the Vulnerable Software and Affected Versions UW-IMAP versions prior to 2004g

Description The issue is related to a buffer overflow in the mail valid net parse work function in mail.c. This occurs when a mailbox name contains a single double-quote character without a closing quote, causing bytes after the double-quote to be copied into a buffer indefinitely. This can allow remote attackers to execute arbitrary code.

Recommendations For versions prior to 2004g, update to version 2004g or later to resolve the issue. As a temporary workaround, consider restricting the use of special characters in mailbox names to minimize the risk of exploitation.