5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.039 Low
EPSS
Percentile
91.9%
CentOS Errata and Security Advisory CESA-2014:0304
Mutt is a text-mode mail user agent.
A heap-based buffer overflow flaw was found in the way mutt processed
certain email headers. A remote attacker could use this flaw to send an
email with specially crafted headers that, when processed, could cause mutt
to crash or, potentially, execute arbitrary code with the permissions of
the user running mutt. (CVE-2014-0467)
All mutt users are advised to upgrade to this updated package, which
contains a backported patch to correct this issue. All running instances of
mutt must be restarted for this update to take effect.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2014-March/082371.html
Affected packages:
mutt
Upstream details at:
https://access.redhat.com/errata/RHSA-2014:0304
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 6 | i686 | mutt | <Β 1.5.20-4.20091214hg736b6a.el6_5 | mutt-1.5.20-4.20091214hg736b6a.el6_5.i686.rpm |
CentOS | 6 | x86_64 | mutt | <Β 1.5.20-4.20091214hg736b6a.el6_5 | mutt-1.5.20-4.20091214hg736b6a.el6_5.x86_64.rpm |