Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.5
CVSSv2

CVE-2007-2683

Published: 15/05/2007 Updated: 11/10/2017
CVSS v2 Base Score: 3.5 | Impact Score: 6.4 | Exploitability Score: 1.5
VMScore: 355
Vector: AV:L/AC:H/Au:S/C:P/I:P/A:P
Subscribe to Mutt

Vulnerability Summary

Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via "&" characters in the GECOS field, which triggers the overflow during alias expansion.

Vulnerable Product Search on Vulmon Subscribe to Product

mutt mutt 1.4.2

Vendor Advisories

Debian CVElist Bug Report Logs: CVE-2007-2683: Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code
Debian Bug report logs - #426116 CVE-2007-2683: Buffer overflow in Mutt 142 might allow local users to execute arbitrary code Package: mutt; Maintainer for mutt is Mutt maintainers <mutt@packagesdebianorg>; Source for mutt is src:mutt (PTS, buildd, popcon) Reported by: Stefan Fritsch <sf@sfritschde> Date: Sat, 2 ...

Exploits

Exploit DB: Mutt 1.4.2 - Mutt_Gecos_Name Function Local Buffer Overflow
source: wwwsecurityfocuscom/bid/24192/info Mutt is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before using it in a memory copy operation An attacker can exploit this issue to execute arbitrary code with the with the privileges of the victim Failed exploit attempts will r ...

References

NVD-CWE-Otherhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=239890http://www.securitytracker.com/id?1018066http://dev.mutt.org/trac/ticket/2885https://issues.rpath.com/browse/RPL-1391http://www.mandriva.com/security/advisories?name=MDKSA-2007:113http://www.redhat.com/support/errata/RHSA-2007-0386.htmlhttp://www.trustix.org/errata/2007/0024/http://www.securityfocus.com/bid/24192http://secunia.com/advisories/25408http://secunia.com/advisories/25529http://secunia.com/advisories/25515http://secunia.com/advisories/25546http://secunia.com/advisories/26415http://osvdb.org/34973https://exchange.xforce.ibmcloud.com/vulnerabilities/34441https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10543https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426116https://nvd.nist.govhttps://www.exploit-db.com/exploits/30093/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400CVE-2023-7252CVE-2024-21111denial of serviceCVE-2024-29661CVE-2024-22856remote attackersencryptionCVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook