FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mutt -- buffer overflow vulnerability

Affected packages
ja-mutt < 1.4.2.3
mutt < 1.4.2.3
mutt-lite < 1.4.2.3
zh-mutt < 1.4.2.3

Details

VuXML ID 863f95d3-3df1-11dc-b3d3-0016179b2dd5
Discovery 2007-05-28
Entry 2007-07-29

Securityfocus reports:

Mutt is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before using it in a memory copy operation. An attacker can exploit this issue to execute arbitrary code with the with the privileges of the victim. Failed exploit attempts will result in a denial of service.

References

Bugtraq ID 24192
CVE Name CVE-2007-2683
URL http://www.redhat.com/support/errata/RHSA-2007-0386.html