Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up to 1.5.3, and other programs that use Mutt code such as Balsa before 2.0.10, allows a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a crafted folder.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Mutt | Mutt | 1.3.12 (including) | 1.3.12 (including) |
| Mutt | Mutt | 1.3.16 (including) | 1.3.16 (including) |
| Mutt | Mutt | 1.3.17 (including) | 1.3.17 (including) |
| Mutt | Mutt | 1.3.22 (including) | 1.3.22 (including) |
| Mutt | Mutt | 1.3.24 (including) | 1.3.24 (including) |
| Mutt | Mutt | 1.3.25 (including) | 1.3.25 (including) |
| Mutt | Mutt | 1.3.27 (including) | 1.3.27 (including) |
| Mutt | Mutt | 1.4.0 (including) | 1.4.0 (including) |
| Mutt | Mutt | 1.5.3 (including) | 1.5.3 (including) |