CVE-2019-11500 log

Severity Critical
Remote Yes
Type Arbitrary code execution
IMAP and ManageSieve protocol parsers in Dovecot before and Pigeonhole before do not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes.
Group Package Affected Fixed Severity Status Ticket
AVG-1027 pigeonhole Critical Fixed
AVG-1026 dovecot Critical Fixed
Date Advisory Group Package Severity Type
28 Aug 2019 ASA-201908-19 AVG-1027 pigeonhole Critical arbitrary code execution
28 Aug 2019 ASA-201908-18 AVG-1026 dovecot Critical arbitrary code execution