Unrated severityNVD Advisory· Published Sep 25, 2012· Updated Jun 16, 2026
CVE-2012-1103
CVE-2012-1103
Description
emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs interface, allows user-assisted remote attackers to read arbitrary files via crafted MML tags, which are not properly quoted in an email reply cna cause the files to be attached to the message.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
31cpe:2.3:a:notmuchmail:notmuch:*:*:*:*:*:*:*:*+ 30 more
- cpe:2.3:a:notmuchmail:notmuch:*:*:*:*:*:*:*:*range: <=0.11
- cpe:2.3:a:notmuchmail:notmuch:0.1:*:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.10:*:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.10:rc1:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.10:rc2:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.11:rc1:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.11:rc2:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.11:rc2-1:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.11:rc3:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.11:rc3-1:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.6:254:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.6:rc1:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.7:rc1:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.8:rc0:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.8:rc1:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.9:rc1:*:*:*:*:*:*
- cpe:2.3:a:notmuchmail:notmuch:0.9:rc2:*:*:*:*:*:*
- (no CPE)range: <0.11.1
Patches
Vulnerability mechanics
References
6- www.openwall.com/lists/oss-security/2012/03/04/5nvdExploitPatch
- www.openwall.com/lists/oss-security/2012/03/05/6nvdExploitPatch
- notmuchmail.org/news/release-0.11.1/nvdVendor Advisory
- secunia.com/advisories/48139nvdVendor Advisory
- www.debian.org/security/2012/dsa-2416nvd
- www.securityfocus.com/bid/52155nvd
News mentions
0No linked articles in our index yet.