Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0078

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-0078
Last Modified 10 Sep 2008 03:25:02
Published 03 Mar 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0078

Summary

Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain mail messages.

Vulnerable Systems

Application

  • Mutt 1.2.1

  • Mutt 1.2.5

  • Mutt 1.2.5.1

  • Mutt 1.2.5.12

  • Mutt 1.2.5.12 Ol

  • Mutt 1.2.5.4

  • Mutt 1.2.5.5

  • Mutt 1.3.12

  • Mutt 1.3.12.1

  • Mutt 1.3.16

  • Mutt 1.3.17

  • Mutt 1.3.22

  • Mutt 1.3.24

  • Mutt 1.3.25

  • Mutt 1.3.27

  • Mutt 1.3.28

  • Mutt 1.4.0

  • Mutt 1.4.1


References

BID - 9641

REDHAT - RHSA-2004:051

REDHAT - RHSA-2004:050

XF - mutt-index-menu-bo(15134)

CONFIRM - http://bugs.debian.org/126336

SLACKWARE - SSA:2004-043

OSVDB - 3918

MANDRAKE - MDKSA-2004:010

BUGTRAQ - 20040309 [OpenPKG-SA-2004.005] OpenPKG Security Advisory (mutt)

BUGTRAQ - 20040215 LNSA-#2004-0001: mutt remote crash

BUGTRAQ - 20040211 Mutt-1.4.2 fixes buffer overflow.

CALDERA - CSSA-2004-013.0


Last Updated: 27 May 2016 10:38:28