FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-05-29 17:22:06 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
863f95d3-3df1-11dc-b3d3-0016179b2dd5	mutt -- buffer overflow vulnerability Securityfocus reports: Mutt is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before using it in a memory copy operation. An attacker can exploit this issue to execute arbitrary code with the with the privileges of the victim. Failed exploit attempts will result in a denial of service. Discovery 2007-05-28 Entry 2007-07-29 mutt mutt-lite ja-mutt zh-mutt < 1.4.2.3 24192 CVE-2007-2683 http://www.redhat.com/support/errata/RHSA-2007-0386.html
c3d43001-8064-11e4-801f-0022156e8794	mutt -- denial of service via crafted mail message NVD reports: The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt_substrdup function. Discovery 2014-11-26 Entry 2014-12-23 mutt ge 1.5.22 lt 1.5.23_7 ja-mutt ge 1.5.22 lt 1.5.23_7 zh-mutt ge 1.5.22 lt 1.5.23_7 71334 CVE-2014-9116 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771125 http://dev.mutt.org/trac/ticket/3716

VuXML ID

Description

863f95d3-3df1-11dc-b3d3-0016179b2dd5

mutt -- buffer overflow vulnerability

Securityfocus reports:

Mutt is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before using it in a memory copy operation. An attacker can exploit this issue to execute arbitrary code with the with the privileges of the victim. Failed exploit attempts will result in a denial of service.

Discovery 2007-05-28
Entry 2007-07-29
mutt
mutt-lite
ja-mutt
zh-mutt

< 1.4.2.3

24192
CVE-2007-2683
http://www.redhat.com/support/errata/RHSA-2007-0386.html

c3d43001-8064-11e4-801f-0022156e8794

mutt -- denial of service via crafted mail message

NVD reports:

The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt_substrdup function.

Discovery 2014-11-26
Entry 2014-12-23
mutt

ge 1.5.22 lt 1.5.23_7

ja-mutt

ge 1.5.22 lt 1.5.23_7

zh-mutt

ge 1.5.22 lt 1.5.23_7

71334
CVE-2014-9116
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771125
http://dev.mutt.org/trac/ticket/3716