Red Hat Bugzilla – Bug 297581
CVE-2007-5007 balsa: IMAP server triggerred stack overflow
Last modified: 2008-01-09 08:50:25 EST
Description of problem:
A remote IMAP server can overflow a statically sized buffer on stack and
possible execute arbitrary code with privilegies of user running Balsa with a
long message name in response to FETCH command of IMAP protocol.
See URL for original Gnome Bugzilla entry which contains a patch.
The CVE identifier for the issue was requested.
has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
This issue did not affect version of balsa as shipped with Red Hat Enterprise