Vulnerability Details CVE-2002-0001
Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt 1.3.x before 1.3.25 allows remote attackers to execute arbitrary commands via an improperly terminated comment or phrase in the address list.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.2%
CVSS Severity
CVSS v2 Score 7.5
References
- ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-002.0.txt
- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:04.mutt.asc
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000449
- http://marc.info/?l=bugtraq&m=100994648918287&w=2
- http://online.securityfocus.com/advisories/3778
- http://www.debian.org/security/2002/dsa-096
- http://www.iss.net/security_center/static/7759.php
- http://www.mutt.org/announce/mutt-1.2.5.1-1.3.25.html
- http://www.novell.com/linux/security/advisories/2002_001_mutt_txt.html
- http://www.redhat.com/support/errata/RHSA-2002-003.html
- http://www.securityfocus.com/bid/3774
- ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-002.0.txt
- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:04.mutt.asc
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000449
- http://marc.info/?l=bugtraq&m=100994648918287&w=2
- http://online.securityfocus.com/advisories/3778
- http://www.debian.org/security/2002/dsa-096
- http://www.iss.net/security_center/static/7759.php
- http://www.mutt.org/announce/mutt-1.2.5.1-1.3.25.html
- http://www.novell.com/linux/security/advisories/2002_001_mutt_txt.html
- http://www.redhat.com/support/errata/RHSA-2002-003.html
- http://www.securityfocus.com/bid/3774