Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:mutt:mutt:2.0.2:*:*:*:*:*:*:*
Informations
Vendor
muttProduct
muttVersion
2.0.2Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| Null pointer dereference when viewing a specially crafted email in Mutt >1.5.2 <2.2.12 | 6.5 |
Medium |
||
| Null pointer dereference when composing from a specially crafted draft message in Mutt >1.5.2 <2.2.12 | 5.7 |
Medium |
||
| Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 before 2.2.3 allows read past end of input line | 5.3 |
Medium |
||
| Mutt 1.11.0 through 2.0.x before 2.0.7 (and NeoMutt 2019-10-25 through 2021-05-04) has a $imap_qresync issue in which imap/util.c has an out-of-bounds read in situations where an IMAP sequence set ends with a comma. NOTE: the $imap_qresync setting for QRESYNC is not enabled by default. | 9.1 |
Critical |
||
| rfc822.c in Mutt through 2.0.4 allows remote attackers to cause a denial of service (mailbox unavailability) by sending email messages with sequences of semicolon characters in RFC822 address fields (aka terminators of empty groups). A small email message from the attacker can cause large memory consumption, and the victim may then be unable to see email messages from other persons. | 6.5 |
Medium |
||
| Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL SMTP server via an arbitrary certificate, a different vulnerability than CVE-2009-3766. | 5.8 |
