Double Precision Incorporated » Courier-imap : Security Vulnerabilities, CVEs, CVSS score >= 5
Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
Max CVSS
10.0
EPSS Score
1.26%
Published
2007-04-24
Updated
2017-07-29
1 vulnerabilities found