High

CVE-2003-0167 - Unspecified vulnerability in Mutt

Publication: 2003-04-02
Summary

Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140.

Risk level (CVSS 7.5)

High

7.5

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • Mutt Mutt 1.3.12
  • Mutt Mutt 1.3.12.1
  • Mutt Mutt 1.3.16
  • Mutt Mutt 1.3.17
  • Mutt Mutt 1.3.22
  • Mutt Mutt 1.3.24
  • Mutt Mutt 1.3.25
  • Mutt Mutt 1.3.27
  • Mutt Mutt 1.3.28