Cisco Talos is disclosing a single out-of-bounds read vulnerability in Dovecot IMAP server. Dovecot has released version 2.2.34 to address this issue. Talos recommends installing this update as quickly as possible on affected systems. RFC822 deals with the standard for ARPA internet text messages. An attacker could use a specially crafted email delivered over SMTP and passed on to Dovecot by the message transfer agent, or MTA, to trigger an out of-out-bound read that potentially results in the disclosure of sensitive information.”]
Source: https://blog.talosintelligence.com/2018/03/dovecot-vulnerability.html