Vulnerability Report

CVE-2002-2253

RCE

Title: Cyrus Sieve multiple buffer overflows RCE

RCE

Proof Of Concept

No public PoC currently indexed for CVE-2002-2253.

CWE Category CWE-119
Published Date Dec 31, 2002
Modified Date Apr 03, 2025
Exploit Status Not Found
Score 10.0 CVSS v2.0
Exploit Probability (EPSS)
14.87%

Vulnerability Summary

CVE-2002-2253: Multiple buffer overflows in Cyrus Sieve / libSieve 2.1.2 and earlier allow remote attackers to execute arbitrary code via (1) a long header name, (2) a long IMAP flag, or (3) a script that generates a large number of errors that overflow the resulting error string.

Impacted Vendors

C
cyrus 1

Reference Links

http://archives.neohapsis.com/archives/bugtraq/2002-12/0019.html http://www.securityfocus.com/bid/6294 http://www.securityfocus.com/bid/6299 http://www.securityfocus.com/bid/6300 https://exchange.xforce.ibmcloud.com/vulnerabilities/10743 https://exchange.xforce.ibmcloud.com/vulnerabilities/10779 https://exchange.xforce.ibmcloud.com/vulnerabilities/10780 http://archives.neohapsis.com/archives/bugtraq/2002-12/0019.html http://www.securityfocus.com/bid/6294 http://www.securityfocus.com/bid/6299 http://www.securityfocus.com/bid/6300 https://exchange.xforce.ibmcloud.com/vulnerabilities/10743 https://exchange.xforce.ibmcloud.com/vulnerabilities/10779 https://exchange.xforce.ibmcloud.com/vulnerabilities/10780
CVSS v2.0
Source Entity [email protected]
Severity HIGH
10.0
Access Vector
N/A
Authentication
N/A
RAW VECTOR AV:N/AC:L/Au:N/C:C/I:C/A:C

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2002-2253 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

MODIFIED

Vulnerability data or affected products updated.

PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A
Complexity N/A
Privileges N/A
Interaction NONE
CVSS Vector String AV:N/AC:L/Au:N/C:C/I:C/A:C

Affected Stack

No specific products linked.