CVE-2004-0078

Published: Mar 3, 2004Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain mail messages.

Affected (18)

Products: Mutt: Mutt

1 product

Configuration A

18 vulnerable

Vulnerable Software	Affected Versions
Mutt Mutt	Version 1.2.1
Mutt Mutt	Version 1.2.5.12
Mutt Mutt	Version 1.2.5.12_ol
Mutt Mutt	Version 1.2.5.1
Mutt Mutt	Version 1.2.5.4
Mutt Mutt	Version 1.2.5.5
Mutt Mutt	Version 1.2.5
Mutt Mutt	Version 1.3.12.1
Mutt Mutt	Version 1.3.12
Mutt Mutt	Version 1.3.16
Mutt Mutt	Version 1.3.17
Mutt Mutt	Version 1.3.22
Mutt Mutt	Version 1.3.24
Mutt Mutt	Version 1.3.25
Mutt Mutt	Version 1.3.27
Mutt Mutt	Version 1.3.28
Mutt Mutt	Version 1.4.0
Mutt Mutt	Version 1.4.1

References (28)

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-013.0.txt (unsafe URL)

Source: cve@mitre.org

http://bugs.debian.org/126336

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=107651677817933&w=2

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=107696262905039&w=2

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=107884956930903&w=2

Source: cve@mitre.org

http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:010

Source: cve@mitre.org

http://www.osvdb.org/3918

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2004-050.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2004-051.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/9641

Source: cve@mitre.org

PatchVendor Advisory

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.405053

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/15134

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A811

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A838

Source: cve@mitre.org

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-013.0.txt (unsafe URL)

Source: af854a3a-2127-422b-91ae-364da2661108

http://bugs.debian.org/126336

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=107651677817933&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=107696262905039&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=107884956930903&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:010

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/3918

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2004-050.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2004-051.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/9641

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.405053

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/15134

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A811

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A838

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.