CVE-2019-11500

Publication date

2019-08-29 13:51:46

Family

mitre

State

PUBLISHED

Description

In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 (and Pigeonhole before 0.5.7.2), protocol processing can fail for quoted strings. This occurs because 0 characters are mishandled, and can lead to out-of-bounds writes and remote code execution.