Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 5 |
CVE-ID | N/A |
CWE-ID | CWE-119 CWE-22 CWE-193 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
Mutt Client/Desktop applications / Office applications |
Vendor | Mutt.org |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
EUVDB-ID: #VU13921
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in mutt_from_base64() function in imap/auth_cram.c and imap/auth_gss.c when processing responses from IMAP server. A remote attacker that controls the IMAP server can send an overly long response to the vulnerable mail client, trigger buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system but requires that victim connects to a compromised server or the attacker is able to perform MitM (man-in-the-middle) attack.
MitigationUpdate to version 1.10.1.
Mutt: 0.95.6 - 1.10.0
External linkshttp://gitlab.com/muttmua/mutt/commit/ed9d7727dc705754871e31cb41420f0ea956495b
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU13922
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in imap/command.c file when verifying IMAP mailbox status. A remote attacker that controls the IMAP server can send an overly long response to the vulnerable mail client, trigger buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system but requires that victim connects to a compromised server or the attacker is able to perform MitM (man-in-the-middle) attack.
MitigationUpdate to version 1.10.1.
Mutt: 0.95.6 - 1.10.0
External linkshttp://gitlab.com/muttmua/mutt/commit/ed9d7727dc705754871e31cb41420f0ea956495b
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU13923
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in msg_parse_fetch() function in imap/message.c file. A remote attacker that controls the IMAP server can send an overly long response to the vulnerable mail client, trigger buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system but requires that victim connects to a compromised server or the attacker is able to perform MitM (man-in-the-middle) attack.
MitigationUpdate to version 1.10.1.
Mutt: 0.95.6 - 1.10.0
External linkshttp://gitlab.com/muttmua/mutt/commit/ed9d7727dc705754871e31cb41420f0ea956495b
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU13924
Risk: Low
CVSSv3.1: 3.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper sanitization of UID values in pop.c within bcache implementation. A remote attacker that controls the POP3 server can traverse directories on the client's system.
Update to version 1.10.1.
Mutt: 0.95.6 - 1.10.0
External linkshttp://gitlab.com/muttmua/mutt/commit/ed9d7727dc705754871e31cb41420f0ea956495b
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU13925
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-193 - Off-by-one Error
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to an off-by-one error in cmd_parse_lsub() function in imap/command.c file. A remote attacker that controls the IMAP server can send a specially crafted response to the vulnerable mail client, trigger off-by-one overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system but requires that victim connects to a compromised server or the attacker is able to perform MitM (man-in-the-middle) attack.
MitigationUpdate to version 1.10.1.
Mutt: 0.95.6 - 1.10.0
External linkshttp://gitlab.com/muttmua/mutt/commit/ed9d7727dc705754871e31cb41420f0ea956495b
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.