CVE-2019-19783

An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading is allowed (3.x) or certain non-default sieve options are enabled (2.x), a user with a mail account on the service can use a sieve script containing a fileinto directive to create any mailbox with administrator privileges, because of folder mishandling in autosievecreatefolder() in imap/lmtpsieve.c.

References

Affected packages

Git / github.com/cyrusimap/cyrus-imapd

Affected ranges

Type: GIT
Repo: https://github.com/cyrusimap/cyrus-imapd
Events: Introduced

5549888feb02784120b7ef0c8a26390b83125108

Fixed

ea36054b9e43aff9f435eec2460f8237f3d71e01

Introduced

65c252b8a3a05c09b3425ce96e1dc6a11dabbe4a

Fixed

89519bce0d64d350faf48351f68ba05f6e31b428

Introduced

e43cdba3e707a5a7043f273cbfb160e359ffcb13

Fixed

96d194de82d3dbe124a359069bd21f5cba7519ba

Affected versions

cyrus-imapd-2.*

cyrus-imapd-2.5.0

cyrus-imapd-2.5.1

cyrus-imapd-2.5.10

cyrus-imapd-2.5.11

cyrus-imapd-2.5.12

cyrus-imapd-2.5.13

cyrus-imapd-2.5.14

cyrus-imapd-2.5.2

cyrus-imapd-2.5.3

cyrus-imapd-2.5.4

cyrus-imapd-2.5.5

cyrus-imapd-2.5.6

cyrus-imapd-2.5.7

cyrus-imapd-2.5.8

cyrus-imapd-2.5.9

cyrus-imapd-3.*

cyrus-imapd-3.0.0

cyrus-imapd-3.0.1

cyrus-imapd-3.0.10

cyrus-imapd-3.0.11

cyrus-imapd-3.0.12

cyrus-imapd-3.0.2

cyrus-imapd-3.0.3

cyrus-imapd-3.0.4

cyrus-imapd-3.0.5

cyrus-imapd-3.0.6

cyrus-imapd-3.0.7

cyrus-imapd-3.0.8

cyrus-imapd-3.0.9

cyrus-imapd-3.1.0-dev

cyrus-imapd-3.1.1

cyrus-imapd-3.1.2

cyrus-imapd-3.1.3

cyrus-imapd-3.1.4

cyrus-imapd-3.1.5

cyrus-imapd-3.1.6

cyrus-imapd-3.1.7

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-19783.json"