CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-14349 – Ubuntu Security Notice USN-7204-1
https://notcve.org/view.php?id=CVE-2018-14349
17 Jul 2018 — An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a NO response without a message. Se ha descubierto un problema en Mutt en versiones anteriores a la 1.10.1 y NeoMutt en versiones anteriores al 2018-07-16. imap/command.c gestiona de manera incorrecta una respuesta NO sin mensaje. USN-3719-1 fixed vulnerabilities in Mutt. Unfortunately, the fixes were not correctly applied to the packaging for Mutt in Ubuntu 16.04 LTS. This update corrects the oversight. • http://www.mutt.org/news.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-14361 – Ubuntu Security Notice USN-7204-1
https://notcve.org/view.php?id=CVE-2018-14361
17 Jul 2018 — An issue was discovered in NeoMutt before 2018-07-16. nntp.c proceeds even if memory allocation fails for messages data. Se ha descubierto un problema en NeoMutt en versiones anteriores al 2018-07-16. nntp.c continúa incluso aunque la asignación de memoria fracase para los datos de mensajes. Jeriko One discovered that NeoMutt incorrectly handled certain IMAP and POP3 responses. An attacker could possibly use this issue to cause NeoMutt to crash, resulting in a denial of service, or the execution of arbitrar... • https://github.com/neomutt/neomutt/commit/9e927affe3a021175f354af5fa01d22657c20585 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-14356 – Ubuntu Security Notice USN-7204-1
https://notcve.org/view.php?id=CVE-2018-14356
17 Jul 2018 — An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a zero-length UID. Se ha descubierto un problema en Mutt en versiones anteriores a la 1.10.1 y NeoMutt en versiones anteriores al 2018-07-16. pop.c gestiona de manera incorrecta un UID de longitud cero. Jeriko One discovered that NeoMutt incorrectly handled certain IMAP and POP3 responses. An attacker could possibly use this issue to cause NeoMutt to crash, resulting in a denial of service, or the execution of arbi... • http://www.mutt.org/news.html • CWE-824: Access of Uninitialized Pointer •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2018-14359 – Gentoo Linux Security Advisory 201810-07
https://notcve.org/view.php?id=CVE-2018-14359
17 Jul 2018 — An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They have a buffer overflow via base64 data. Se ha descubierto un problema en Mutt en versiones anteriores a la 1.10.1 y NeoMutt en versiones anteriores al 2018-07-16. Tienen un desbordamiento de búfer mediante datos en base64. Several vulnerabilities were discovered in Mutt, a text-based mailreader supporting MIME, GPG, PGP and threading, potentially leading to code execution, denial of service or information disclosure when conne... • http://www.mutt.org/news.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-14351 – Gentoo Linux Security Advisory 201810-07
https://notcve.org/view.php?id=CVE-2018-14351
17 Jul 2018 — An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a long IMAP status mailbox literal count size. Se ha descubierto un problema en Mutt en versiones anteriores a la 1.10.1 y NeoMutt en versiones anteriores al 2018-07-16. imap/command.c gestiona de manera incorrecta un tamaño de conteo literal IMAP de status mailbox. Several vulnerabilities were discovered in Mutt, a text-based mailreader supporting MIME, GPG, PGP and threading, potentially leading to code ... • http://www.mutt.org/news.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 20EXPL: 0CVE-2018-14357 – mutt: Remote Code Execution via backquote characters
https://notcve.org/view.php?id=CVE-2018-14357
17 Jul 2018 — An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with an automatic subscription. Se ha descubierto un problema en Mutt en versiones anteriores a la 1.10.1 y NeoMutt en versiones anteriores al 2018-07-16. Permiten que los servidores IMAP remotos ejecuten comandos arbitrarios mediante caracteres de acento grave; esto está relacionado con el comando mail... • http://www.mutt.org/news.html • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-14360 – Debian Security Advisory 4277-1
https://notcve.org/view.php?id=CVE-2018-14360
17 Jul 2018 — An issue was discovered in NeoMutt before 2018-07-16. nntp_add_group in newsrc.c has a stack-based buffer overflow because of incorrect sscanf usage. Se ha descubierto un problema en NeoMutt en versiones anteriores al 2018-07-16. nntp_add_group en newsrc.c tiene un desbordamiento de búfer basado en pila debido a un uso incorrecto de sscanf. Several vulnerabilities were discovered in Mutt, a text-based mailreader supporting MIME, GPG, PGP and threading, potentially leading to code execution, denial of servic... • https://github.com/neomutt/neomutt/commit/6296f7153f0c9d5e5cd3aaf08f9731e56621bdd3 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-14358 – Ubuntu Security Notice USN-7204-1
https://notcve.org/view.php?id=CVE-2018-14358
17 Jul 2018 — An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field. Se ha descubierto un problema en Mutt en versiones anteriores a la 1.10.1 y NeoMutt en versiones anteriores al 2018-07-16. imap/message.c tiene un desbordamiento de búfer basado en pila para una respuesta FETCH con un campo RFC822.SIZE largo. USN-3719-1 fixed vulnerabilities in Mutt. Unfortunately, the fixes were not correctly appli... • http://www.mutt.org/news.html • CWE-787: Out-of-bounds Write •