This vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided.
In Dovecot before 188.8.131.52 and 2.3.x before 184.108.40.206 (and Pigeonhole before 0.5.7.2), protocol processing can fail for quoted strings. This occurs because '\0' characters are mishandled, and can lead to out-of-bounds writes and remote code execution.
CVSS 3.x Severity and Metrics:
CVSS 2.0 Severity and Metrics: