Lucene search

K

Veracode Vulnerability DatabaseVERACODE:23061

HistoryApr 10, 2020 - 12:14 a.m.

Arbitrary Code Execution

2020-04-1000:14:43

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

15

EPSS

0

Percentile

0.4%

mutt is vulnerable to arbitrary code execution. A flaw was found in the way Mutt handled certain characters in gecos fields which could lead to a buffer overflow. The gecos field is an entry in the password database typically used to record general information about the user. A local attacker could give themselves a carefully crafted “Real Name” which could execute arbitrary code if a victim uses Mutt and expands the attackers alias.

References

dev.mutt.org/trac/ticket/2885

osvdb.org/34973

secunia.com/advisories/25408

secunia.com/advisories/25515

secunia.com/advisories/25529

secunia.com/advisories/25546

secunia.com/advisories/26415

www.mandriva.com/security/advisories?name=MDKSA-2007:113

www.redhat.com/security/updates/classification/#moderate

www.redhat.com/support/errata/RHSA-2007-0386.html

www.securityfocus.com/bid/24192

www.securitytracker.com/id?1018066

www.trustix.org/errata/2007/0024/

access.redhat.com/errata/RHSA-2007:0386

bugzilla.redhat.com/bugzilla/show_bug.cgi?id=239890

exchange.xforce.ibmcloud.com/vulnerabilities/34441

issues.rpath.com/browse/RPL-1391

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10543

EPSS

0

Percentile

0.4%

Related for VERACODE:23061

openvas11 prion1 freebsd1 cvelist1 cve1 exploitdb1 ubuntucve1 nessus9 debiancve1 nvd1 fedora3 redhat1 oraclelinux1 centos1