Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:27084
HistorySep 21, 2020 - 6:34 a.m.

Arbitrary Code Execution

2020-09-2106:34:16
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
mutt
software
vulnerability
imap_quote_string
integer underflow

EPSS

0.01

Percentile

83.6%

mutt is vulnerable to arbitrary code execution. The vulnerability exists through an integer underflow in imap_quote_string of imap/util.c.

Affected configurations

Vulners
Node
-mutt\Matchxenial1.5.24
OR
-mutt\Matchtrusty1.5.21-6.4ubuntu2
OR
-neomutt\Matchbuster20180716+dfsg.1-1+deb10u1
OR
-neomutt\Matchbuster20180716+dfsg.1-1+deb10u2
OR
-mutt\Matchxenial1.5.24
OR
-mutt\Matchtrusty1.5.21-6.4ubuntu2
OR
-neomutt\Matchbuster20180716+dfsg.1-1+deb10u1
OR
-neomutt\Matchbuster20180716+dfsg.1-1+deb10u2
VendorProductVersionCPE
-mutt\xenialcpe:2.3:a:-:mutt\:xenial:1.5.24:*:*:*:*:*:*:*
-mutt\trustycpe:2.3:a:-:mutt\:trusty:1.5.21-6.4ubuntu2:*:*:*:*:*:*:*
-neomutt\bustercpe:2.3:a:-:neomutt\:buster:20180716+dfsg.1-1+deb10u1:*:*:*:*:*:*:*
-neomutt\bustercpe:2.3:a:-:neomutt\:buster:20180716+dfsg.1-1+deb10u2:*:*:*:*:*:*:*