Vulnerability Description
Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up to 1.5.3, and other programs that use Mutt code such as Balsa before 2.0.10, allows a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a crafted folder.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mutt | Mutt | 1.3.12 |
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000626
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000630
- http://marc.info/?l=bugtraq&m=104817995421439&w=2
- http://marc.info/?l=bugtraq&m=104818814931378&w=2
- http://marc.info/?l=bugtraq&m=104852190605988&w=2
- http://marc.info/?l=bugtraq&m=105171507629573&w=2
- http://www.coresecurity.com/common/showdoc.php?idx=310&idxseccion=10
- http://www.debian.org/security/2003/dsa-268
- http://www.gentoo.org/security/en/glsa/glsa-200303-19.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:041
- http://www.novell.com/linux/security/advisories/2003_020_mutt.html
- http://www.redhat.com/support/errata/RHSA-2003-109.html
- http://www.securityfocus.com/archive/1/315679Vendor Advisory
- http://www.securityfocus.com/bid/7120PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11583
FAQ
What is CVE-2003-0140?
CVE-2003-0140 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up to 1.5.3, and other programs that use Mutt code such as Balsa before 2.0.10, allows a remote malicious IMAP server to cause a deni...
How severe is CVE-2003-0140?
CVE-2003-0140 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0140?
Check the references section above for vendor advisories and patch information. Affected products include: Mutt Mutt.