CVE-2017-14461 log

Severity High
Remote Yes
Type Information disclosure
A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure of an email from another user or may cause an application crash. In order to trigger this vulnerability, an imap-authenticated attacker needs to send a specially crafted email message to the server.
Group Package Affected Fixed Severity Status Ticket
AVG-645 dovecot 2.3.0-2 High Fixed
Date Advisory Group Package Severity Type
06 Mar 2018 ASA-201803-7 AVG-645 dovecot High multiple issues