VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
rhas	Moderate	https://access.redhat.com/errata/RHSA-2009:0275
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.06194	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.09766	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.11784	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.11784	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.11784	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.11784	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.11784	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.11784	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.11784	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.11784	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.11784	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.11784	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.11784	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.11784	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.11784	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
epss	0.11784	https://api.first.org/data/v1/epss?cve=CVE-2008-5005
cvssv2	10.0	https://nvd.nist.gov/vuln/detail/CVE-2008-5005

System

Score

Found at

rhas

Moderate

https://access.redhat.com/errata/RHSA-2009:0275

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.06194

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.09766

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.11784

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.11784

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.11784

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.11784

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.11784

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.11784

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.11784

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.11784

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.11784

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.11784

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.11784

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.11784

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.11784

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

epss

0.11784

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

cvssv2

10.0

https://nvd.nist.gov/vuln/detail/CVE-2008-5005

Reference id

Reference type

URL

http://mailman2.u.washington.edu/pipermail/imap-uw/2008-October/002267.html

http://mailman2.u.washington.edu/pipermail/imap-uw/2008-October/002268.html

http://marc.info/?l=full-disclosure&m=122572590212610&w=4

http://panda.com/imap/

http://rhn.redhat.com/errata/RHSA-2009-0275.html

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5005.json

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

https://bugzilla.redhat.com/show_bug.cgi?id=469667

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5005

http://secunia.com/advisories/32483

http://secunia.com/advisories/32512

http://secunia.com/advisories/33142

http://secunia.com/advisories/33996

http://securityreason.com/securityalert/4570

http://securitytracker.com/id?1021131

https://exchange.xforce.ibmcloud.com/vulnerabilities/46281

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10485

http://support.avaya.com/elmodocs2/security/ASA-2009-065.htm

https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00058.html

https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00082.html

http://www.bitsec.com/en/rad/bsa-081103.c

http://www.bitsec.com/en/rad/bsa-081103.txt

http://www.debian.org/security/2008/dsa-1685

http://www.mandriva.com/security/advisories?name=MDVSA-2009:146

http://www.openwall.com/lists/oss-security/2008/11/03/3

http://www.openwall.com/lists/oss-security/2008/11/03/4

http://www.openwall.com/lists/oss-security/2008/11/03/5

http://www.securityfocus.com/archive/1/498002/100/0/threaded

http://www.securityfocus.com/bid/32072

http://www.vupen.com/english/advisories/2008/3042

http://www.washington.edu/alpine/tmailbug.html

cpe:2.3:a:university_of_washington:alpine:0.80:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.80:*:*:*:*:*:*:*

cpe:2.3:a:university_of_washington:alpine:0.81:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.81:*:*:*:*:*:*:*

cpe:2.3:a:university_of_washington:alpine:0.82:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.82:*:*:*:*:*:*:*

cpe:2.3:a:university_of_washington:alpine:0.83:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.83:*:*:*:*:*:*:*

cpe:2.3:a:university_of_washington:alpine:0.98:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.98:*:*:*:*:*:*:*

cpe:2.3:a:university_of_washington:alpine:0.99:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.99:*:*:*:*:*:*:*

cpe:2.3:a:university_of_washington:alpine:0.999:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.999:*:*:*:*:*:*:*

cpe:2.3:a:university_of_washington:alpine:0.9999:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.9999:*:*:*:*:*:*:*

cpe:2.3:a:university_of_washington:alpine:0.99999:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.99999:*:*:*:*:*:*:*

cpe:2.3:a:university_of_washington:alpine:0.999999:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.999999:*:*:*:*:*:*:*

cpe:2.3:a:university_of_washington:alpine:1.00:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:1.00:*:*:*:*:*:*:*

cpe:2.3:a:university_of_washington:alpine:1.10:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:1.10:*:*:*:*:*:*:*

cpe:2.3:a:university_of_washington:alpine:2.00:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:2.00:*:*:*:*:*:*:*

cpe:2.3:a:university_of_washington:imap_toolkit:2002:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:imap_toolkit:2002:*:*:*:*:*:*:*

cpe:2.3:a:university_of_washington:imap_toolkit:2003:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:imap_toolkit:2003:*:*:*:*:*:*:*

cpe:2.3:a:university_of_washington:imap_toolkit:2004:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:imap_toolkit:2004:*:*:*:*:*:*:*

cpe:2.3:a:university_of_washington:imap_toolkit:2005:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:imap_toolkit:2005:*:*:*:*:*:*:*

cpe:2.3:a:university_of_washington:imap_toolkit:2006:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:imap_toolkit:2006:*:*:*:*:*:*:*

cpe:2.3:a:university_of_washington:imap_toolkit:2007:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:imap_toolkit:2007:*:*:*:*:*:*:*

cpe:2.3:a:university_of_washington:imap_toolkit:2007c:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:imap_toolkit:2007c:*:*:*:*:*:*:*

CVE-2008-5005

https://nvd.nist.gov/vuln/detail/CVE-2008-5005

GLSA-200911-03

https://security.gentoo.org/glsa/200911-03

RHSA-2009:0275

https://access.redhat.com/errata/RHSA-2009:0275

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.

There are no relevant records.

Vulnerability ID	VCID-fdg1-sfty-aaag
Aliases	CVE-2008-5005
Summary	Multiple stack-based buffer overflows in (1) University of Washington IMAP Toolkit 2002 through 2007c, (2) University of Washington Alpine 2.00 and earlier, and (3) Panda IMAP allow (a) local users to gain privileges by specifying a long folder extension argument on the command line to the tmail or dmail program; and (b) remote attackers to execute arbitrary code by sending e-mail to a destination mailbox name composed of a username and '+' character followed by a long string, processed by the tmail or possibly dmail program.
Status	Published
Exploitability	0.5
Weighted Severity	9.0
Risk	4.5
Affected and Fixed Packages	Package Details

Percentile	0.89922
EPSS Score	0.06194
Published At	March 28, 2025, 12:55 p.m.