A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order to trigger this vulnerability, an attacker needs to send a specially crafted email message to the server.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DLA-1333-1 | dovecot security update |
![]() |
DSA-4130-1 | dovecot security update |
![]() |
EUVD-2017-5964 | A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order to trigger this vulnerability, an attacker needs to send a specially crafted email message to the server. |
![]() |
USN-3587-1 | Dovecot vulnerabilities |
![]() |
USN-3587-2 | Dovecot vulnerabilities |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: talos
Published:
Updated: 2024-09-16T23:00:46.355Z
Reserved: 2017-09-13T00:00:00
Link: CVE-2017-14461

No data.

Status : Modified
Published: 2018-03-02T15:29:00.210
Modified: 2024-11-21T03:12:50.433
Link: CVE-2017-14461


No data.