Description of problem: A remote IMAP server can overflow a statically sized buffer on stack and possible execute arbitrary code with privilegies of user running Balsa with a long message name in response to FETCH command of IMAP protocol. Additional info: See URL for original Gnome Bugzilla entry which contains a patch.
The CVE identifier for the issue was requested.
has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
This issue did not affect version of balsa as shipped with Red Hat Enterprise Linux 2.1.