Cyrus IMAPD, Sun Java vulnerabilities
John Dalbec
jpdalbec at ysu.edu
Fri Dec 3 15:11:04 UTC 2004
Do these issues apply to -legacy?
04.47.8 CVE: CAN-2004-1011, CAN-2004-1012, CAN-2004-1013,
CAN-2004-1015
Platform: Unix
Title: Cyrus IMAPD Multiple Remote Vulnerabilities
Description: Cyrus IMAPD is an IMAP daemon. It is reported to be
vulnerable to multiple remote buffer overflow issues. Cyrus IMAPD
versions 2.2.4 to 2.2.8 are reported to be vulnerable.
Ref: http://security.e-matters.de/advisories/152004.html
04.47.13 CVE: CAN-2004-1029
Platform: Cross Platform
Title: Sun Java Plug-in Security Restriction Bypass
Description: Java Plug-in technology, part of the Java 2 Runtime
Environment (JRE), establishes a connection between popular browsers
and the Java platform. It is possible to bypass the Java sandbox and
all security restrictions imposed within Java Applets to execute
malicious applets and gain full control. Sun Java 2 Platform, Standard
Edition (J2SE) versions 1.4.2_01 and 1.4.2_04 are known to be
vulnerable.
Ref: http://www.idefense.com/application/poi/display?id=158&type=vulnerabilities
More information about the fedora-legacy-list
mailing list