Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140.
CVSS Score
7.5
EPSS Score
0.009
Published
2003-04-02
Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up to 1.5.3, and other programs that use Mutt code such as Balsa before 2.0.10, allows a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a crafted folder.
CVSS Score
7.5
EPSS Score
0.019
Published
2003-03-24
Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt 1.3.x before 1.3.25 allows remote attackers to execute arbitrary commands via an improperly terminated comment or phrase in the address list.
CVSS Score
7.5
EPSS Score
0.021
Published
2002-02-27
Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.
CVSS Score
7.5
EPSS Score
0.008
Published
2001-06-27
Mutt mail client allows a remote attacker to execute commands via shell metacharacters.
CVSS Score
7.5
EPSS Score
0.008
Published
1998-07-28
Page 5