Passbolt Api E-mail HTML injection

Passbolt sends e-mail to users to warn them about different type of events such as the creation, modification or deletion of a password. Those e-mails may contain user-specified input, such as a password’s title or description. Passbolt does not escape the user’s input properly, resulting in the...

CentOS 6 / 7 : mailx (CESA-2014:1999)

Updated mailx packages that fix two security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available...

Pine 4.x Empty MIME Boundary Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5301/info Pine is an open source mail user agent distributed by the University of Washington. It is freely available for Unix, Linux, and Microsoft Operating Systems. When a mail is received by pine that contains MIME...

Ximian Evolution 1.x UUEncoding Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7118/info A vulnerability has been discovered in the Ximian Evolution Mail User Agent MUA. The problem occurs when the mailer attempts to process a maliciously encoded e-mail message. When attempting to decode the message...

SuSE9 Security Update : netpbm (YOU Patch Number 11701)

This update fixes a buffer overflow in the RGBA-palette code. The bug can be abused to trigger a denial-or-service attack by feeding untrusted data to 'pnmtopng -alpha' maybe via a remote service like a CGI, mail user agent, etc. The execution of arbitrary code is theoretically possible but...

Fedora Update for mutt FEDORA-2007-540

Check for the Version of mutt OpenVAS Vulnerability Test Fedora Update for mutt FEDORA-2007-540 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Fedora Update for mutt FEDORA-2007-0001

Check for the Version of mutt OpenVAS Vulnerability Test Fedora Update for mutt FEDORA-2007-0001 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Debian Security Advisory DSA 096-1 (mutt)

The remote host is missing an update to mutt announced via advisory DSA 096-1. OpenVAS Vulnerability Test $Id: deb0961.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 096-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Moderate: Red Hat Security Advisory: mutt security update

An updated mutt package that fixes several security bugs is now available for Red Hat Enterprise Linux 3, 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Mutt is a text-mode mail user agent. A flaw was found in the way Mutt used...

[SECURITY] Fedora Core 5 Update: mutt-1.4.2.1-8.fc5

Mutt is a text-mode mail user agent. Mutt supports color, threading, arbitrary key remapping, and a lot of customization. You should install mutt if you have used it in the past and you prefer it, or if you are new to mail programs and have not decided which one you are going to use...

Mailutils: Multiple vulnerabilities in imap4d and mail

Background GNU Mailutils is a collection of mail-related utilities, including an IMAP4 server imap4d and a Mail User Agent mail. Description infamous41d discovered several vulnerabilities in GNU Mailutils. imap4d does not correctly implement formatted printing of command tags CAN-2005-1523, fails...

SUSE-SA:2003:020: mutt

The remote host is missing the patch for the advisory SUSE-SA:2003:020 mutt. Mutt is a text-based Mail User Agent MUA. The IMAP-code of mutt is vulnerable to a buffer overflow that can be exploited by a malicious IMAP-server to crash mutt or even execute arbitrary code with the privileges of the...

DEBIAN-CVE-2003-0128

The tryuudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a malicious uuencoded UUE header, possibly triggering a heap-based buffer overflow...

CVE-2003-0128

The tryuudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a malicious uuencoded UUE header, possibly triggering a heap-based buffer overflow...

CVE-2003-0130

The handleimage function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image...

CVE-2003-0129

Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service memory consumption via a mail message that is uuencoded multiple times...

CVE-2003-0130

The CVE-2003-0130 issue affects Ximian Evolution Mail User Agent (Evolution 1.2.2 and earlier). The vulnerability lies in the handle_image() function in mail-format.c, which does not escape HTML characters in the Content-ID-derived string, enabling remote attackers to inject arbitrary data and HT...

CVE-2003-0128

The CVE-2003-0128 family affects Ximian Evolution Mail User Agent (MUA) prior to version 1.2.3, via the try_uudecoding function in mail-format.c that decodes UUEncoded headers. The vulnerability can cause a denial of service (crash) and may allow arbitrary code execution through crafted UUE heade...

CORE-20030304-02: Vulnerability in Mutt Mail User Agent

Core Security Technologies Advisory http://www.coresecurity.com Vulnerability in Mutt Mail User Agent Date Published: 2003-03-20 Last Update: 2003-03-19 Advisory ID: CORE-20030304-02 Bugtraq ID: 7120 CVE CAN: None currently assigned Title: Mutt Controlled IMAP server buffer overflow Class: Bounda...

Ximian Evolution 1.x - UUEncoding Denial of Service

source: https://www.securityfocus.com/bid/7118/info A vulnerability has been discovered in the Ximian Evolution Mail User Agent MUA. The problem occurs when the mailer attempts to process a maliciously encoded e-mail message. When attempting to decode the message, the MUA will repeatedly attempt ...