{"api_version":"1","generated_at":"2026-04-23T10:55:55+00:00","cve":"CVE-2008-5514","urls":{"html":"https://cve.report/CVE-2008-5514","api":"https://cve.report/api/cve/CVE-2008-5514.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2008-5514","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2008-5514"},"summary":{"title":"CVE-2008-5514","description":"Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attackers to cause a denial of service (crash) via an e-mail message that triggers a buffer overflow.","state":"PUBLISHED","assigner":"redhat","published_at":"2008-12-23 18:30:03","updated_at":"2026-04-23 00:35:47"},"problem_types":["CWE-119","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"4.3","severity":"","vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"}}],"references":[{"url":"https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00846.html","name":"https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00846.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"[SECURITY] Fedora 9 Update: uw-imap-2007e-1.fc9","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/32958","name":"http://www.securityfocus.com/bid/32958","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"University of Washington IMAP c-client Buffer Overflow Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:146","name":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:146","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Support / Security / Advisories /  / MDVSA-2009:146 | Mandriva","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securitytracker.com/id?1021485","name":"http://securitytracker.com/id?1021485","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"uw-imap Client Library Bug Lets Remote Users Deny Service - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/33638","name":"http://secunia.com/advisories/33638","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Security Advisory SA33638 - Fedora update for uw-imap - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=477227","name":"https://bugzilla.redhat.com/show_bug.cgi?id=477227","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Bug 477227 – CVE-2008-5514 libc-client: buffer overflow in rfc822_output_char / rfc822_output_data","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.washington.edu/imap/documentation/RELNOTES.html","name":"http://www.washington.edu/imap/documentation/RELNOTES.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"UW IMAP software--UW IMAP Server Documentation","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2008/3490","name":"http://www.vupen.com/english/advisories/2008/3490","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail - OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/33275","name":"http://secunia.com/advisories/33275","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"UW-imapd c-client Library Off-by-one Vulnerability - Secunia Advisories - Vulnerability Information - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/47526","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/47526","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2008-5514","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-5514","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2000","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2000a","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2000b","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2000c","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2001","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2001a","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2002","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2002a","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2002b","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2002c","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2002d","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2002e","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2002f","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2004","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2004a","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2004b","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2004c","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2004d","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2004e","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2004f","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2004g","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2006","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2006a","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2006b","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2006c","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2006d","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2006e","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2006f","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2006g","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2006h","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2006i","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2006j","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2006k","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2007","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2007a","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"2007b","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"5514","vulnerable":"1","versionEndIncluding":"2007d","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"university_of_washington","cpe5":"imap","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[{"cvename":"CVE-2008-5514","organization":"Red Hat","lastmodified":"2009-01-12","contributor":"Tomas Hoger","statementText":"Not vulnerable. This issue did not affect the versions of imap as shipped with Red Hat Enterprise Linux 2.1 and 3, and the versions of libc-client as shipped with Red Hat Enterprise Linux 4 and 5.","cve_year":"2008","cve_id":"5514","crc32":"7d35d280"}],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T10:56:47.016Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.washington.edu/imap/documentation/RELNOTES.html"},{"name":"33275","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/33275"},{"name":"32958","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/32958"},{"name":"33638","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/33638"},{"name":"uwimapd-rfc822outputchar-dos(47526)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/47526"},{"name":"1021485","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1021485"},{"name":"FEDORA-2009-0371","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00846.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=477227"},{"name":"ADV-2008-3490","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2008/3490"},{"name":"MDVSA-2009:146","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:146"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2008-12-22T00:00:00.000Z","descriptions":[{"lang":"en","value":"Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attackers to cause a denial of service (crash) via an e-mail message that triggers a buffer overflow."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-08-07T12:57:01.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"http://www.washington.edu/imap/documentation/RELNOTES.html"},{"name":"33275","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/33275"},{"name":"32958","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/32958"},{"name":"33638","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/33638"},{"name":"uwimapd-rfc822outputchar-dos(47526)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/47526"},{"name":"1021485","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1021485"},{"name":"FEDORA-2009-0371","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00846.html"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=477227"},{"name":"ADV-2008-3490","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2008/3490"},{"name":"MDVSA-2009:146","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:146"}]}},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2008-5514","datePublished":"2008-12-23T18:13:00.000Z","dateReserved":"2008-12-12T00:00:00.000Z","dateUpdated":"2024-08-07T10:56:47.016Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2008-12-23 18:30:03","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["CWE-119","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:*:*:*:*:*:*:*:*","versionEndIncluding":"2007d","matchCriteriaId":"26CF4464-7DBE-4C8E-B6CF-A4777ADB1D96"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2000:*:*:*:*:*:*:*","matchCriteriaId":"68ABE6C6-A499-4E11-91E9-8F8B61776BDE"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2000a:*:*:*:*:*:*:*","matchCriteriaId":"4BE0A870-F96D-42A8-ACDA-EC6BF9C4CAD7"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2000b:*:*:*:*:*:*:*","matchCriteriaId":"D2F84DA2-C7DE-4659-AEB6-8E4AB059B85A"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2000c:*:*:*:*:*:*:*","matchCriteriaId":"4DACC0FF-2831-4905-8862-DC46D9EF2B3D"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2001:*:*:*:*:*:*:*","matchCriteriaId":"64C291AE-CA06-4982-AB18-A2C6DF6BCB9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2001a:*:*:*:*:*:*:*","matchCriteriaId":"85B417A8-D3DF-4808-9880-BCDB747148E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2002:*:*:*:*:*:*:*","matchCriteriaId":"C8284427-CFFE-4075-9EC1-5E77DD5F0F9F"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2002a:*:*:*:*:*:*:*","matchCriteriaId":"593B87AB-3009-4690-B09F-2D79E7019B2A"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2002b:*:*:*:*:*:*:*","matchCriteriaId":"6C43CED0-66F6-4D3B-A24B-81ACA70243D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2002c:*:*:*:*:*:*:*","matchCriteriaId":"ABD1CAF4-C478-4126-A450-AFBCA5CC1ACF"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2002d:*:*:*:*:*:*:*","matchCriteriaId":"35F2E0DB-E67C-4351-BC9D-6DF77F07D2D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2002e:*:*:*:*:*:*:*","matchCriteriaId":"DB4BB0BD-03F6-403B-BE5A-9D610DF59869"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2002f:*:*:*:*:*:*:*","matchCriteriaId":"851E2CD6-E061-4236-B44C-FC9810CD16DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2004:*:*:*:*:*:*:*","matchCriteriaId":"188B27E0-5BAF-46B2-82F0-79CA0859A33D"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2004a:*:*:*:*:*:*:*","matchCriteriaId":"E78E770B-83C3-414F-8F1F-2E70C604873E"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2004b:*:*:*:*:*:*:*","matchCriteriaId":"A8E72678-D201-4A9E-B42F-E76B44C2F062"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2004c:*:*:*:*:*:*:*","matchCriteriaId":"9E232637-E1E6-4B85-9AF1-FD91A9767087"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2004d:*:*:*:*:*:*:*","matchCriteriaId":"EA74AD8D-6364-4DA9-8F0A-A11AE9FB1011"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2004e:*:*:*:*:*:*:*","matchCriteriaId":"3465EC3A-5250-4729-AC7A-AE9D0E4C8BFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2004f:*:*:*:*:*:*:*","matchCriteriaId":"0E4D902D-C846-4698-952A-028927D24ABC"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2004g:*:*:*:*:*:*:*","matchCriteriaId":"7724A2ED-D633-43C0-B547-FBD8EBA86DBF"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2006:*:*:*:*:*:*:*","matchCriteriaId":"E6C44FAA-8BDE-4C86-9891-A1CF6B23407F"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2006a:*:*:*:*:*:*:*","matchCriteriaId":"2CB3CD69-985E-4DE1-9A08-E4EB216F0793"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2006b:*:*:*:*:*:*:*","matchCriteriaId":"8423C322-77A5-4CAA-8901-8B8F1D9FF8E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2006c:*:*:*:*:*:*:*","matchCriteriaId":"9862573C-0379-4585-8ECB-2B3B98FA7944"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2006d:*:*:*:*:*:*:*","matchCriteriaId":"C028BF64-22F5-424E-A959-42AEB2ABEED6"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2006e:*:*:*:*:*:*:*","matchCriteriaId":"9EAB09AD-F648-402F-921A-9345275143BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2006f:*:*:*:*:*:*:*","matchCriteriaId":"4E8DA588-ADCA-4125-8217-F27D035948FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2006g:*:*:*:*:*:*:*","matchCriteriaId":"F552DEE9-4730-405E-B482-E002E5A39A67"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2006h:*:*:*:*:*:*:*","matchCriteriaId":"E74FA86E-A6A0-4EC7-A0F7-31AE362F9308"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2006i:*:*:*:*:*:*:*","matchCriteriaId":"4CC6B678-CF97-431C-8EFB-5E2223966F78"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2006j:*:*:*:*:*:*:*","matchCriteriaId":"6D9229C6-6251-4675-9396-5753AB81C80A"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2006k:*:*:*:*:*:*:*","matchCriteriaId":"9E280DD2-F66A-48FF-B23A-FF49753C2654"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2007:*:*:*:*:*:*:*","matchCriteriaId":"85BC14FB-C24B-405D-9C83-1444874489AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2007a:*:*:*:*:*:*:*","matchCriteriaId":"E25C5926-DCA2-4766-B2DE-C5818494F850"},{"vulnerable":true,"criteria":"cpe:2.3:a:university_of_washington:imap:2007b:*:*:*:*:*:*:*","matchCriteriaId":"535F9E8E-6BB4-455D-A8A4-50D0531F28A2"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2008","CveId":"5514","Ordinal":"1","Title":"CVE-2008-5514","CVE":"CVE-2008-5514","Year":"2008"},"notes":[{"CveYear":"2008","CveId":"5514","Ordinal":"1","NoteData":"Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attackers to cause a denial of service (crash) via an e-mail message that triggers a buffer overflow.","Type":"Description","Title":"CVE-2008-5514"},{"CveYear":"2008","CveId":"5514","Ordinal":"2","NoteData":"2008-12-23","Type":"Other","Title":"Published"},{"CveYear":"2008","CveId":"5514","Ordinal":"3","NoteData":"2017-08-07","Type":"Other","Title":"Modified"}]}}}