CVE-2005-4267 Information

Description

Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote attackers to execute arbitrary code via a long IMAP command that ends with a \ character as demonstrated using long (1) LIST (2) LSUB (3) SEARCH TEXT (4) STATUS INBOX (5) AUTHENTICATE (6) FETCH (7) SELECT and (8) COPY commands.

Reference

http://seclists.org/lists/fulldisclosure/2005/Dec/1037.html http://secunia.com/advisories/17640 http://securityreason.com/securityalert/277 http://securitytracker.com/id?1015391 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=359 http://www.securityfocus.com/bid/15980 http://www.vupen.com/english/advisories/2005/3005