This CVE isn't worthy of existence. A user can crash his/her own IMAP session by issuing a specific SEARCH command, which is just slightly worse than user issuing a LOGOUT command. It took years for people to notice this bug, because just about no IMAP client issues such a command.
Seemingly Similar Threads
- Xen Security Advisory 25 (CVE-2012-4544, CVE-2012-2625) - Xen domain builder Out-of-memory due to malicious kernel/ramdisk
- CVE-2015-3420
- CVE-2021-33515: SMTP Submission service STARTTLS injection
- CVE-2021-33515: SMTP Submission service STARTTLS injection
- [CVE-2012-2944] NUT vulnerability: upsd can be remotely crashed
Wisdom of the Ancients
