CVE-2008-4907

Name of the Vulnerable Software and Affected Versions Dovecot versions 1.1.4 through 1.1.5

Description The issue concerns a denial of service that can be triggered by an email with a malformed From address, causing an assertion error due to invalid message address parsing. This can lead to a persistent crash when the FETCH ENVELOPE command is used in the IMAP client.

Recommendations For Dovecot versions 1.1.4 and 1.1.5, consider disabling the message parsing feature temporarily until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.