CVE

CVE-2019-11500

admin

CVE-2019-11500

In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 (and Pigeonhole before 0.5.7.2), protocol processing can fail for quoted strings. This occurs because ‘{$content}’ characters are mishandled, and can lead to out-of-bounds writes and remote code execution.

Source: CVE-2019-11500

Exit mobile version