| Vulnerability Name: | CVE-2003-0140 (CCN-11583) | ||||||||||||||||||||
| Assigned: | 2003-03-19 | ||||||||||||||||||||
| Published: | 2003-03-19 | ||||||||||||||||||||
| Updated: | 2017-10-11 | ||||||||||||||||||||
| Summary: | Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up to 1.5.3, and other programs that use Mutt code such as Balsa before 2.0.10, allows a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a crafted folder. | ||||||||||||||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Wed Mar 19 2003 - 17:15:46 CST mutt-1.4.1 fixes a buffer overflow. Source: MITRE Type: CNA CVE-2003-0140 Source: CONECTIVA Type: UNKNOWN CLA-2003:626 Source: CONECTIVA Type: UNKNOWN CLA-2003:630 Source: CCN Type: Conectiva Linux Security Announcement CLSA-2003:630 balsa Source: CCN Type: Conectiva Linux Security Announcement CLSA-2003:635 balsa Source: BUGTRAQ Type: UNKNOWN 20030320 [OpenPKG-SA-2003.025] OpenPKG Security Advisory (mutt) Source: BUGTRAQ Type: UNKNOWN 20030320 CORE-20030304-02: Vulnerability in Mutt Mail User Agent Source: BUGTRAQ Type: UNKNOWN 20030322 GLSA: mutt (200303-19) Source: BUGTRAQ Type: UNKNOWN 20030430 GLSA: balsa (200304-10) Source: CCN Type: RHSA-2003-109 Updated balsa and mutt packages fix vulnerabilities Source: CCN Type: RHSA-2003-111 balsa security update Source: MISC Type: UNKNOWN http://www.coresecurity.com/common/showdoc.php?idx=310&idxseccion=10 Source: CCN Type: Core Security Technologies Advisory CORE-20030304-02 Vulnerability in Mutt Mail User Agent Source: DEBIAN Type: UNKNOWN DSA-268 Source: DEBIAN Type: DSA-268 mutt -- buffer overflow Source: GENTOO Type: UNKNOWN GLSA-200303-19 Source: CCN Type: Gentoo Linux Security Announcement 200303-19 mutt buffer overflow Source: CCN Type: Gentoo Linux Security Announcement 200304-10 balsa remote Source: MANDRAKE Type: UNKNOWN MDKSA-2003:041 Source: SUSE Type: UNKNOWN SuSE-SA:2003:020 Source: REDHAT Type: UNKNOWN RHSA-2003:109 Source: BUGTRAQ Type: Vendor Advisory 20030319 mutt-1.4.1 fixes a buffer overflow. Source: BID Type: Patch, Vendor Advisory 7120 Source: CCN Type: BID-7120 Mutt UTF-7 Internationalized Remote Folder Buffer Overrun Vulnerability Source: CCN Type: slackware-security Mailing List, Sat, 29 Mar 2003 15:56:21 -0800 (PST) [slackware-security] Mutt buffer overflow in IMAP support Source: XF Type: UNKNOWN mutt-folder-name-bo(11583) Source: XF Type: UNKNOWN mutt-folder-name-bo(11583) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:2 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:434 Source: SUSE Type: SUSE-SA:2003:020 mutt: remote system compromise | ||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||
| |||||||||||||||||||||
| BACK | |||||||||||||||||||||