CVE ID | Published | Description | Score | Severity |
---|---|---|---|---|
Null pointer dereference when viewing a specially crafted email in Mutt >1.5.2 <2.2.12 | 6.5 |
Medium |
||
Null pointer dereference when composing from a specially crafted draft message in Mutt >1.5.2 <2.2.12 | 5.7 |
Medium |
||
Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL SMTP server via an arbitrary certificate, a different vulnerability than CVE-2009-3766. | 5.8 |