Published: 17/07/2018 Updated: 19/05/2020

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

An issue exists in NeoMutt prior to 2018-07-16. nntp_add_group in newsrc.c has a stack-based buffer overflow because of incorrect sscanf usage.

Vulnerable Product	Search on Vulmon	Subscribe to Product
debian debian linux 9.0
debian debian linux 8.0
neomutt neomutt

Debian Bug report logs - #904021 neomutt: CVE-2018-14349 CVE-2018-14350 CVE-2018-14351 CVE-2018-14352 CVE-2018-14353 CVE-2018-14354 CVE-2018-14355 CVE-2018-14356 CVE-2018-14357 CVE-2018-14358 CVE-2018-14359 CVE-2018-14360 CVE-2018-14361 CVE-2018-14362 CVE-2018-14363 Package: src:neomutt; Maintainer for src:neomutt is Mutt maintainers < ...

Several vulnerabilities were discovered in Mutt, a text-based mailreader supporting MIME, GPG, PGP and threading, potentially leading to code execution, denial of service or information disclosure when connecting to a malicious mail/NNTP server For the stable distribution (stretch), these problems have been fixed in version 172-1+deb9u1 We reco ...

An issue was discovered in NeoMutt before 2018-07-16 nntp_add_group in newsrcc has a stack-based buffer overflow because of incorrect sscanf usage ...

CWE-787 https://neomutt.org/2018/07/16/release https://github.com/neomutt/neomutt/commit/6296f7153f0c9d5e5cd3aaf08f9731e56621bdd3 https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html https://www.debian.org/security/2018/dsa-4277 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021 https://nvd.nist.gov https://www.debian.org/security/./dsa-4277

CVE-2018-14360

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect