7.5
CVSSv2

CVE-2003-0167

Published: 02/04/2003 Updated: 05/09/2008
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and previous versions, and Balsa 1.2.4 and previous versions, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140.

Affected Products

Vendor Product Versions
MuttMutt1.3.12, 1.3.12.1, 1.3.16, 1.3.17, 1.3.22, 1.3.24, 1.3.25, 1.3.27, 1.3.28

Vendor Advisories

Byrial Jensen discovered a couple of off-by-one buffer overflow in the IMAP code of Mutt, a text-oriented mail reader supporting IMAP, MIME, GPG, PGP and threading This code is imported in the Balsa package This problem could potentially allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code ...
Byrial Jensen discovered a couple of off-by-one buffer overflow in the IMAP code of Mutt, a text-oriented mail reader supporting IMAP, MIME, GPG, PGP and threading This problem could potentially allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder For the ...