CVE-2023-4875

Опубликовано: 09 сент. 2023

Источник: redhat

CVSS3: 5.7

EPSS Низкий

Описание

Null pointer dereference when composing from a specially crafted draft message in Mutt >1.5.2 <2.2.12

A null pointer dereference flaw was found in mutt when handling specially crafted characters. This issue could allow an attacker to send a specially crafted email that causes the email client to crash when reading or processing the email.

Отчет

This is a local client crash caused by a specially crafted email. No code execution is expected. This flaw has been rated as having moderate security impact.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-476

https://bugzilla.redhat.com/show_bug.cgi?id=2238241mutt: null pointer dereference

EPSS

Процентиль: 5%

0.00024

Низкий

5.7 Medium

CVSS3

Связанные уязвимости

CVE-2023-4875

CVSS3: 2.2

ubuntu

почти 2 года назад

Null pointer dereference when composing from a specially crafted draft message in Mutt >1.5.2 <2.2.12

CVE-2023-4875

CVSS3: 2.2

nvd

почти 2 года назад

Null pointer dereference when composing from a specially crafted draft message in Mutt >1.5.2 <2.2.12

CVE-2023-4875

CVSS3: 5.7

msrc

почти 2 года назад

Описание отсутствует

CVE-2023-4875

CVSS3: 2.2

debian

почти 2 года назад

Null pointer dereference when composing from a specially crafted draft ...

GHSA-fwwc-f8hw-qfwf

CVSS3: 2.2

github

почти 2 года назад

Null pointer dereference when composing from a specially crafted draft message in Mutt >1.5.2 <2.2.12

EPSS

Процентиль: 5%

0.00024

Низкий

5.7 Medium

CVSS3