CVE-2005-4267

Name of the Vulnerable Software and Affected Versions Qualcomm WorldMail version 3.0

Description A stack-based buffer overflow issue allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character. This can be achieved using various IMAP commands, including "LIST", "LSUB", "SEARCH TEXT", "STATUS INBOX", "AUTHENTICATE", "FETCH", "SELECT", and "COPY".

Recommendations For Qualcomm WorldMail version 3.0, consider restricting the length of IMAP commands to prevent buffer overflow exploitation until a patch is available. As a temporary workaround, limit the use of IMAP commands that could be used to trigger the overflow, such as avoiding the use of long commands that end with a "}" character. At the moment, there is no information about a newer version that contains a fix for this vulnerability.