What is the severity of CVE-2011-3481?

CVE-2011-3481 has a medium severity rating, as it allows for denial of service attacks due to null pointer dereference.

How do I fix CVE-2011-3481?

To fix CVE-2011-3481, upgrade your Cyrus IMAP Server to version 2.4.11 or later.

What versions of Cyrus IMAP Server are affected by CVE-2011-3481?

CVE-2011-3481 affects Cyrus IMAP Server versions prior to 2.4.11, including several 2.2.x, 2.3.x, and 2.4.x versions.

What are the potential impacts of CVE-2011-3481?

The potential impacts of CVE-2011-3481 include server crashes and denial of service, affecting the availability of email services.

Can CVE-2011-3481 be exploited remotely?

Yes, CVE-2011-3481 can be exploited remotely by sending a specially crafted email with a malicious References header.

Vulnerability/
CVE-2011-3481

medium

4.3

CWE

NVD-CWE-Other 476

14/9/2011

6/8/2024

CVE-2011-3481: Null Pointer Dereference

First published: Wed Sep 14 2011(Updated: )

The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Cyrus IMAP Server	=2.2.12
Cyrus IMAP Server	=2.3.13
Cyrus IMAP Server	=2.2.13p1
Cyrus IMAP Server	=2.3.12
Cyrus IMAP Server	=2.4.1
Cyrus IMAP Server	=2.1.17
Cyrus IMAP Server	=2.4.5
Cyrus IMAP Server	=2.3.6
Cyrus IMAP Server	=2.3.0
Cyrus IMAP Server	=2.2.11
Cyrus IMAP Server	=2.3.14
Cyrus IMAP Server	=2.3.2
Cyrus IMAP Server	=2.4.0
Cyrus IMAP Server	=2.3.11
Cyrus IMAP Server	=2.3.17
Cyrus IMAP Server	<=2.4.10
Cyrus IMAP Server	=2.3.8
Cyrus IMAP Server	=2.4.8
Cyrus IMAP Server	=2.3.5
Cyrus IMAP Server	=2.4.7
Cyrus IMAP Server	=2.2.9
Cyrus IMAP Server	=2.4.6
Cyrus IMAP Server	=2.4.3
Cyrus IMAP Server	=2.4.4
Cyrus IMAP Server	=2.3.9
Cyrus IMAP Server	=2.3.10
Cyrus IMAP Server	=2.2.13
Cyrus IMAP Server	=2.1.16
Cyrus IMAP Server	=2.3.7
Cyrus IMAP Server	=2.2.8
Cyrus IMAP Server	=2.3.16
Cyrus IMAP Server	=2.0.17
Cyrus IMAP Server	=2.3.1
Cyrus IMAP Server	=2.4.2
Cyrus IMAP Server	=2.3.4
Cyrus IMAP Server	=2.2.10
Cyrus IMAP Server	=2.1.18
Cyrus IMAP Server	=2.3.3
Cyrus IMAP Server	=2.3.15
Cyrus IMAP Server	=2.4.9

Remedy

http://git.cyrusimap.org/cyrus-imapd/commit/?id=6e776956a1a9dfa58eacdd0ddd52644009eac9e5

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-3481?
CVE-2011-3481 has a medium severity rating, as it allows for denial of service attacks due to null pointer dereference.
How do I fix CVE-2011-3481?
To fix CVE-2011-3481, upgrade your Cyrus IMAP Server to version 2.4.11 or later.
What versions of Cyrus IMAP Server are affected by CVE-2011-3481?
CVE-2011-3481 affects Cyrus IMAP Server versions prior to 2.4.11, including several 2.2.x, 2.3.x, and 2.4.x versions.
What are the potential impacts of CVE-2011-3481?
The potential impacts of CVE-2011-3481 include server crashes and denial of service, affecting the availability of email services.
Can CVE-2011-3481 be exploited remotely?
Yes, CVE-2011-3481 can be exploited remotely by sending a specially crafted email with a malicious References header.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/author
agent/severity
agent/remedy
agent/last-modified-date
agent/first-publish-date
agent/event
agent/description
agent/source
agent/softwarecombine
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/cmu
canonical/cyrus imap server
version/cyrus imap server/2.2.12
version/cyrus imap server/2.3.13
version/cyrus imap server/2.2.13p1
version/cyrus imap server/2.3.12
version/cyrus imap server/2.4.1
version/cyrus imap server/2.1.17
version/cyrus imap server/2.4.5
version/cyrus imap server/2.3.6
version/cyrus imap server/2.3.0
version/cyrus imap server/2.2.11
version/cyrus imap server/2.3.14
version/cyrus imap server/2.3.2
version/cyrus imap server/2.4.0
version/cyrus imap server/2.3.11
version/cyrus imap server/2.3.17
version/cyrus imap server/2.4.10
version/cyrus imap server/2.3.8
version/cyrus imap server/2.4.8
version/cyrus imap server/2.3.5
version/cyrus imap server/2.4.7
version/cyrus imap server/2.2.9
version/cyrus imap server/2.4.6
version/cyrus imap server/2.4.3
version/cyrus imap server/2.4.4
version/cyrus imap server/2.3.9
version/cyrus imap server/2.3.10
version/cyrus imap server/2.2.13
version/cyrus imap server/2.1.16
version/cyrus imap server/2.3.7
version/cyrus imap server/2.2.8
version/cyrus imap server/2.3.16
version/cyrus imap server/2.0.17
version/cyrus imap server/2.3.1
version/cyrus imap server/2.4.2
version/cyrus imap server/2.3.4
version/cyrus imap server/2.2.10
version/cyrus imap server/2.1.18
version/cyrus imap server/2.3.3
version/cyrus imap server/2.3.15
version/cyrus imap server/2.4.9

Frequently Asked Questions

What is the severity of CVE-2011-3481?
CVE-2011-3481 has a medium severity rating, as it allows for denial of service attacks due to null pointer dereference.
How do I fix CVE-2011-3481?
To fix CVE-2011-3481, upgrade your Cyrus IMAP Server to version 2.4.11 or later.
What versions of Cyrus IMAP Server are affected by CVE-2011-3481?
CVE-2011-3481 affects Cyrus IMAP Server versions prior to 2.4.11, including several 2.2.x, 2.3.x, and 2.4.x versions.
What are the potential impacts of CVE-2011-3481?
The potential impacts of CVE-2011-3481 include server crashes and denial of service, affecting the availability of email services.
Can CVE-2011-3481 be exploited remotely?
Yes, CVE-2011-3481 can be exploited remotely by sending a specially crafted email with a malicious References header.

CVE-2011-3481: Null Pointer Dereference

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-3481?

How do I fix CVE-2011-3481?

What versions of Cyrus IMAP Server are affected by CVE-2011-3481?

What are the potential impacts of CVE-2011-3481?

Can CVE-2011-3481 be exploited remotely?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2011-3481?

How do I fix CVE-2011-3481?

What versions of Cyrus IMAP Server are affected by CVE-2011-3481?

What are the potential impacts of CVE-2011-3481?

Can CVE-2011-3481 be exploited remotely?