Lucene search
UbuntuUSN-2440-1HistoryDec 11, 2014 - 12:00 a.m.
Mutt vulnerability
2014-12-1100:00:00
ubuntu.com
30
9.3 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.015 Low
EPSS
Percentile
87.0%
Releases
- Ubuntu 14.10
- Ubuntu 14.04 ESM
- Ubuntu 12.04
- Ubuntu 10.04
Packages
- mutt - text-based mailreader supporting MIME, GPG, PGP and threading
Details
Jakub Wilk discovered that the write_one_header function in mutt
did not properly handle newline characters at the beginning of a
header. An attacker could specially craft an email to cause mutt to
crash, resulting in a denial of service.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 14.10 | noarch | mutt | < 1.5.23-1.1ubuntu0.2 | UNKNOWN |
| Ubuntu | 14.10 | noarch | mutt-dbg | < 1.5.23-1.1ubuntu0.2 | UNKNOWN |
| Ubuntu | 14.10 | noarch | mutt-patched | < 1.5.23-1.1ubuntu0.2 | UNKNOWN |
| Ubuntu | 14.04 | noarch | mutt | < 1.5.21-6.4ubuntu2.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | mutt-dbg | < 1.5.21-6.4ubuntu2.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | mutt-patched | < 1.5.21-6.4ubuntu2.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | mutt | < 1.5.21-5ubuntu2.2 | UNKNOWN |
| Ubuntu | 12.04 | noarch | mutt-dbg | < 1.5.21-5ubuntu2.2 | UNKNOWN |
| Ubuntu | 12.04 | noarch | mutt-patched | < 1.5.21-5ubuntu2.2 | UNKNOWN |
| Ubuntu | 10.04 | noarch | mutt | < 1.5.20-7ubuntu1.3 | UNKNOWN |
References
Related
fedora
fedora
[SECURITY] Fedora 21 Update: mutt-1.5.23-7.fc21
2015-02-15 03:02:04
[SECURITY] Fedora 20 Update: mutt-1.5.23-4.fc20
2015-02-15 02:57:04
osv
osv
mutt - security update
2014-12-05 00:00:00
mutt - security update
2014-11-30 00:00:00
nessus
nessus
Debian DSA-3083-1 : mutt - security update
2014-12-01 00:00:00
Mandriva Linux Security Advisory : mutt (MDVSA-2014:245)
2014-12-15 00:00:00
Mandriva Linux Security Advisory : mutt (MDVSA-2015:078)
2015-03-30 00:00:00
openvas
openvas
Fedora Update for mutt FEDORA-2014-16494
2015-02-15 00:00:00
Debian: Security Advisory (DSA-3083-1)
2014-11-29 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0758-1)
2021-06-09 00:00:00
securityvulns
securityvulns
mutt DoS
2014-12-01 00:00:00
[SECURITY] [DSA 3083-1] mutt security update
2014-12-01 00:00:00
debian
debian
[SECURITY] [DSA 3083-1] mutt security update
2014-11-30 13:48:08
[SECURITY] [DSA 3083-1] mutt security update
2014-11-30 13:47:51
ubuntucve
ubuntucve
CVE-2014-9116
2014-12-02 00:00:00
slackware
slackware
[slackware-security] mutt
2015-04-22 01:21:37
prion
prion
Heap overflow
2014-12-02 16:59:00
suse
suse
Security update for mutt (important)
2015-01-06 18:04:47
Security update for mutt (important)
2019-01-17 00:00:00
Security update for mutt (important)
2018-08-06 15:13:42
gentoo
gentoo
Mutt: Heap-based buffer overflow
2017-01-01 00:00:00
cve
cve
CVE-2014-9116
2014-12-02 16:59:00
mageia
mageia
Updated mutt packages fix CVE-2014-9116
2014-12-05 18:54:13
archlinux
archlinux
mutt: denial of service
2015-03-09 00:00:00
freebsd
freebsd
mutt -- denial of service via crafted mail message
2014-11-26 00:00:00
debiancve
debiancve
CVE-2014-9116
2014-12-02 16:59:00
9.3 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.015 Low
EPSS
Percentile
87.0%
Related for USN-2440-1