Vulnerability Description
Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain mail messages.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mutt | Mutt | 1.2.1 |
References
- ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-013.0.txt
- http://bugs.debian.org/126336
- http://marc.info/?l=bugtraq&m=107651677817933&w=2
- http://marc.info/?l=bugtraq&m=107696262905039&w=2
- http://marc.info/?l=bugtraq&m=107884956930903&w=2
- http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:010
- http://www.osvdb.org/3918
- http://www.redhat.com/support/errata/RHSA-2004-050.htmlPatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2004-051.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/9641PatchVendor Advisory
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slack
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15134
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-013.0.txt
FAQ
What is CVE-2004-0078?
CVE-2004-0078 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certa...
How severe is CVE-2004-0078?
CVE-2004-0078 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0078?
Check the references section above for vendor advisories and patch information. Affected products include: Mutt Mutt.