Vulnerabilities (CVE)

Filtered by vendor Mutt
Total 46 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3

CVE-2003-0299 | 2 Mutt, Stuart Parmenter | 2 Mutt, Balsa | 2016-10-18 | 7.5 HIGH | N/A
The IMAP Client, as used in mutt 1.4.1 and Balsa 2.0.10, allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large mailbox size values that cause either integer signedness errors or integer overflow errors.

CVE-2002-0001 | 1 Mutt | 1 Mutt | 2016-10-18 | 7.5 HIGH | N/A
Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt 1.3.x before 1.3.25 allows remote attackers to execute arbitrary commands via an improperly terminated comment or phrase in the address list.

CVE-1999-0941 | 1 Mutt | 1 Mutt | 2016-10-18 | 7.5 HIGH | N/A
Mutt mail client allows a remote attacker to execute commands via shell metacharacters.

CVE-2009-3765 | 2 Mutt, Openssl | 2 Mutt, Openssl | 2009-10-29 | 6.8 MEDIUM | N/A
mutt_ssl.c in mutt 1.5.19 and 1.5.20, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

CVE-2005-2642 | 1 Mutt | 1 Mutt | 2008-09-05 | 7.5 HIGH | N/A
Buffer overflow in the mutt_decode_xbit function in Handler.c for Mutt 1.5.10 allows remote attackers to execute arbitrary code, possibly due to interactions with libiconv or gettext.

CVE-2003-0167 | 1 Mutt | 1 Mutt | 2008-09-05 | 7.5 HIGH | N/A
Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140.