CVE-2010-4011

medium

Description

Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."

References

http://support.apple.com/kb/HT4452

http://lists.apple.com/archives/security-announce/2010//Nov/msg00001.html

Details

Source: Mitre, NVD

Published: 2010-11-17

Updated: 2010-11-17

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 4.3

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N