CVE-2004-0078 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Mutt

7 documents6 sources

Severity

7.5HIGHNVD

EPSS

5.7%

top 9.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mutt Debian Mutt

Timeline

PublishedMar 3

Latest updateMay 3

Description

Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain mail messages.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

▶debiandebian/mutt< mutt 1.5.6-20040722+1 (bookworm)

▶Debianmutt/mutt< 1.5.6-20040722+1+3

▶NVDmutt/mutt18 versions+17

Patches

Patch: www.redhat.com ↗Patch: www.redhat.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-rrvh-pgqf-54ph: Buffer overflow in the index menu code (menu_pad_string of menu↗2022-05-03

▶

OSV

CVE-2004-0078: Buffer overflow in the index menu code (menu_pad_string of menu↗2004-03-03

▶

📋Vendor Advisories

Red Hat

security flaw↗2004-02-11

▶

Debian

CVE-2004-0078: mutt - Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4....↗2004

▶

💬Community

Bugzilla

CVE-2004-0078 security flaw↗2018-08-16

▶