Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mutt | Mutt | 1.3.12 | 1.3.12 |
Mutt | Mutt | 1.3.12.1 | 1.3.12.1 |
Mutt | Mutt | 1.3.16 | 1.3.16 |
Mutt | Mutt | 1.3.17 | 1.3.17 |
Mutt | Mutt | 1.3.22 | 1.3.22 |
Mutt | Mutt | 1.3.24 | 1.3.24 |
Mutt | Mutt | 1.3.25 | 1.3.25 |
Mutt | Mutt | 1.3.27 | 1.3.27 |
Mutt | Mutt | 1.3.28 | 1.3.28 |
Balsa | Ubuntu | dapper | * |
Balsa | Ubuntu | devel | * |
Balsa | Ubuntu | edgy | * |
Balsa | Ubuntu | feisty | * |