{"api_version":"1","generated_at":"2026-04-23T14:43:54+00:00","cve":"CVE-1999-1224","urls":{"html":"https://cve.report/CVE-1999-1224","api":"https://cve.report/api/cve/CVE-1999-1224.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-1999-1224","nvd":"https://nvd.nist.gov/vuln/detail/CVE-1999-1224"},"summary":{"title":"CVE-1999-1224","description":"IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information.","state":"PUBLISHED","assigner":"mitre","published_at":"1997-10-08 04:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"3.6","severity":"","vector":"AV:L/AC:L/Au:N/C:P/I:N/A:P","data":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:P","baseScore":3.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"PARTIAL"}}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/349","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/349","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=bugtraq&m=87635124302928&w=2","name":"http://marc.info/?l=bugtraq&m=87635124302928&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"'L0pht Advisory: IMAP4rev1 imapd server' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-1999-1224","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-1999-1224","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"1999","cve_id":"1224","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imapd","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"1999","cve_id":"1224","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imapd","cpe6":"4.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-01T17:02:53.863Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"imapd-core(349)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/349"},{"name":"19971008 L0pht Advisory: IMAP4rev1 imapd server","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=87635124302928&w=2"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"1997-10-08T00:00:00.000Z","descriptions":[{"lang":"en","value":"IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-12-18T21:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"imapd-core(349)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/349"},{"name":"19971008 L0pht Advisory: IMAP4rev1 imapd server","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://marc.info/?l=bugtraq&m=87635124302928&w=2"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-1999-1224","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"imapd-core(349)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/349"},{"name":"19971008 L0pht Advisory: IMAP4rev1 imapd server","refsource":"BUGTRAQ","url":"http://marc.info/?l=bugtraq&m=87635124302928&w=2"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-1999-1224","datePublished":"2001-09-12T04:00:00.000Z","dateReserved":"2001-08-31T00:00:00.000Z","dateUpdated":"2024-08-01T17:02:53.863Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"1997-10-08 04:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:P","baseScore":3.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imapd:*:*:*:*:*:*:*:*","matchCriteriaId":"358DA403-C53C-41C5-8BA2-ECCD90A08FC4"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imapd:4.1:*:*:*:*:*:*:*","matchCriteriaId":"F96386E6-0756-4181-9A05-1AA8AA202982"}]}]}]},"legacy_mitre":{"record":{"CveYear":"1999","CveId":"1224","Ordinal":"1","Title":"CVE-1999-1224","CVE":"CVE-1999-1224","Year":"1999"},"notes":[{"CveYear":"1999","CveId":"1224","Ordinal":"1","NoteData":"IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information.","Type":"Description","Title":"CVE-1999-1224"},{"CveYear":"1999","CveId":"1224","Ordinal":"2","NoteData":"2001-09-12","Type":"Other","Title":"Published"},{"CveYear":"1999","CveId":"1224","Ordinal":"3","NoteData":"2017-12-18","Type":"Other","Title":"Modified"}]}}}