{"id":"CVE-2004-1013","details":"The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) \"body[p\", (2) \"binary[p\", or (3) \"binary[p\") that cause an index increment error that leads to an out-of-bounds memory corruption.","modified":"2025-08-09T19:01:29Z","published":"2005-01-10T05:00:00Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/13274/"},{"type":"ADVISORY","url":"http://security.e-matters.de/advisories/152004.html"},{"type":"ADVISORY","url":"http://security.gentoo.org/glsa/glsa-200411-34.xml"},{"type":"FIX","url":"http://www.debian.org/security/2004/dsa-597"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"},{"type":"ADVISORY","url":"https://www.ubuntu.com/usn/usn-31-1/"},{"type":"WEB","url":"http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=143"},{"type":"WEB","url":"http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"},{"type":"WEB","url":"http://marc.info/?l=bugtraq&m=110123023521619&w=2"}],"schema_version":"1.7.3"}