CVE-2014-9116 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Mutt

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476 — NULL Pointer Dereference8 documents8 sources

Severity

5.0MEDIUMNVD

EPSS

3.5%

top 12.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mutt Debian Linux Mageia +2 more

Timeline

PublishedDec 2

Latest updateMay 14

Description

The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt_substrdup function.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages5 packages

▶Debianmutt/mutt< 1.5.23-2+3

▶NVDmutt/mutt1.5.23

▶NVDmageia/mageia4.0

▶NVDsuse/linux_enterprise_desktop12

▶NVDsuse/suse_linux_enterprise_server12

Also affects: Debian Linux 7.0

🔴Vulnerability Details

GHSA

GHSA-mv99-5p2c-93vv: The write_one_header function in mutt 1↗2022-05-14

▶

CVEList

CVE-2014-9116: The write_one_header function in mutt 1↗2014-12-02

▶

OSV

CVE-2014-9116: The write_one_header function in mutt 1↗2014-12-02

▶

📋Vendor Advisories

Ubuntu

Mutt vulnerability↗2014-12-11

▶

Red Hat

mutt: incorrect use of mutt_substrdup() in write_one_header()↗2014-11-26

▶

Debian

CVE-2014-9116: mutt - The write_one_header function in mutt 1.5.23 does not properly handle newline ch...↗2014

▶

💬Community

Bugzilla

CVE-2014-9116 mutt: incorrect use of mutt_substrdup() in write_one_header()↗2014-11-27

▶