CVE-2007-2683
published 2007-05-15

Priority: P420
CVSS 2.0: 3.5 (low), AV:L/AC:H/Au:S/C:P/I:P/A:P
EXPLOIT
EPSS: 0.81% (52.2th percentile)

Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via "&" characters in the GECOS field, which triggers the overflow during alias expansion.

Affected

6 ranges
Vendor | Product | Version range | Fixed in
debian | mutt | < mutt 1.5.15+20070608-1 (bookworm) | mutt 1.5.15+20070608-1 (bookworm)
mutt | mutt | |
mutt | mutt | >= 0 < 1.5.15+20070608-1 | 1.5.15+20070608-1
mutt | mutt | >= 0 < 1.5.15+20070608-1 | 1.5.15+20070608-1
mutt | mutt | >= 0 < 1.5.15+20070608-1 | 1.5.15+20070608-1
mutt | mutt | >= 0 < 1.5.15+20070608-1 | 1.5.15+20070608-1

CVSS provenance

nvd | v2.0 | 3.5 | LOW | AV:L/AC:H/Au:S/C:P/I:P/A:P
osv | 3.5 | LOW
vendor_debian | 3.5 | LOW
vendor_redhat | 3.5 | LOW