Mutt
by Mutt
Source repositories
CVEs (52)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-5298 | 0.00 | — | 0.00 | Oct 16, 2006 | The mutt_adv_mktemp function in the Mutt mail client 1.5.12 and earlier does not properly verify that temporary files have been created with restricted permissions, which might allow local users to create files with weak permissions via a race condition between the mktemp and… | |||
| CVE-2006-3242 | 0.00 | — | 0.06 | Jun 27, 2006 | Stack-based buffer overflow in the browse_get_namespace function in imap/browse.c of Mutt 1.4.2.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via long namespaces received from the IMAP server. | |||
| CVE-2005-2642 | 0.00 | — | 0.04 | Aug 23, 2005 | Buffer overflow in the mutt_decode_xbit function in Handler.c for Mutt 1.5.10 allows remote attackers to execute arbitrary code, possibly due to interactions with libiconv or gettext. | |||
| CVE-2004-0078 | 0.00 | — | 0.05 | Mar 3, 2004 | Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain mail messages. | |||
| CVE-2003-0300 | 0.00 | — | 0.03 | Jun 16, 2003 | The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors. | |||
| CVE-2003-0299 | 0.00 | — | 0.02 | Jun 16, 2003 | The IMAP Client, as used in mutt 1.4.1 and Balsa 2.0.10, allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large mailbox size values that cause either integer signedness errors or integer overflow errors. | |||
| CVE-2003-0167 | 0.00 | — | 0.03 | Apr 2, 2003 | Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different… | |||
| CVE-2003-0140 | 0.00 | — | 0.04 | Mar 24, 2003 | Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up to 1.5.3, and other programs that use Mutt code such as Balsa before 2.0.10, allows a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a crafted folder. | |||
| CVE-2002-0001 | 0.00 | — | 0.03 | Feb 27, 2002 | Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt 1.3.x before 1.3.25 allows remote attackers to execute arbitrary commands via an improperly terminated comment or phrase in the address list. | |||
| CVE-2001-0473 | 0.00 | — | 0.02 | Jun 27, 2001 | Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands. | |||
| CVE-1999-0940 | 0.00 | — | 0.03 | Sep 27, 1999 | Buffer overflow in mutt mail client allows remote attackers to execute commands via malformed MIME messages. | |||
| CVE-1999-0941 | 0.00 | — | 0.02 | Jul 28, 1998 | Mutt mail client allows a remote attacker to execute commands via shell metacharacters. |
- CVE-2006-5298Oct 16, 2006risk 0.00cvss —epss 0.00
The mutt_adv_mktemp function in the Mutt mail client 1.5.12 and earlier does not properly verify that temporary files have been created with restricted permissions, which might allow local users to create files with weak permissions via a race condition between the mktemp and…
- CVE-2006-3242Jun 27, 2006risk 0.00cvss —epss 0.06
Stack-based buffer overflow in the browse_get_namespace function in imap/browse.c of Mutt 1.4.2.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via long namespaces received from the IMAP server.
- CVE-2005-2642Aug 23, 2005risk 0.00cvss —epss 0.04
Buffer overflow in the mutt_decode_xbit function in Handler.c for Mutt 1.5.10 allows remote attackers to execute arbitrary code, possibly due to interactions with libiconv or gettext.
- CVE-2004-0078Mar 3, 2004risk 0.00cvss —epss 0.05
Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain mail messages.
- CVE-2003-0300Jun 16, 2003risk 0.00cvss —epss 0.03
The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.
- CVE-2003-0299Jun 16, 2003risk 0.00cvss —epss 0.02
The IMAP Client, as used in mutt 1.4.1 and Balsa 2.0.10, allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large mailbox size values that cause either integer signedness errors or integer overflow errors.
- CVE-2003-0167Apr 2, 2003risk 0.00cvss —epss 0.03
Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different…
- CVE-2003-0140Mar 24, 2003risk 0.00cvss —epss 0.04
Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up to 1.5.3, and other programs that use Mutt code such as Balsa before 2.0.10, allows a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a crafted folder.
- CVE-2002-0001Feb 27, 2002risk 0.00cvss —epss 0.03
Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt 1.3.x before 1.3.25 allows remote attackers to execute arbitrary commands via an improperly terminated comment or phrase in the address list.
- CVE-2001-0473Jun 27, 2001risk 0.00cvss —epss 0.02
Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.
- CVE-1999-0940Sep 27, 1999risk 0.00cvss —epss 0.03
Buffer overflow in mutt mail client allows remote attackers to execute commands via malformed MIME messages.
- CVE-1999-0941Jul 28, 1998risk 0.00cvss —epss 0.02
Mutt mail client allows a remote attacker to execute commands via shell metacharacters.
Page 3 of 3