Published: 02/04/2003 Updated: 05/09/2008

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and previous versions, and Balsa 1.2.4 and previous versions, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mutt mutt 1.3.12.1
mutt mutt 1.3.17
mutt mutt 1.3.28
mutt mutt 1.3.22
mutt mutt 1.3.24
mutt mutt 1.3.25
mutt mutt 1.3.27
mutt mutt 1.3.12
mutt mutt 1.3.16

Byrial Jensen discovered a couple of off-by-one buffer overflow in the IMAP code of Mutt, a text-oriented mail reader supporting IMAP, MIME, GPG, PGP and threading This code is imported in the Balsa package This problem could potentially allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code ...

Byrial Jensen discovered a couple of off-by-one buffer overflow in the IMAP code of Mutt, a text-oriented mail reader supporting IMAP, MIME, GPG, PGP and threading This problem could potentially allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder For the ...

NVD-CWE-Other http://www.debian.org/security/2003/dsa-274 http://www.securityfocus.com/bid/7229 http://www.debian.org/security/2003/dsa-300 https://nvd.nist.gov https://www.debian.org/security/./dsa-300

CVE-2003-0167

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect