Описание
The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt_substrdup function.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.5.23-3 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1.5.21-6.4ubuntu2.1]] |
| lucid | released | 1.5.20-7ubuntu1.3 |
| precise | released | 1.5.21-5ubuntu2.2 |
| trusty | released | 1.5.21-6.4ubuntu2.1 |
| trusty/esm | DNE | trusty was released [1.5.21-6.4ubuntu2.1] |
| upstream | needed | |
| utopic | released | 1.5.23-1.1ubuntu0.2 |
Показывать по
5 Medium
CVSS2
Связанные уязвимости
The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt_substrdup function.
The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt_substrdup function.
The write_one_header function in mutt 1.5.23 does not properly handle ...
The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt_substrdup function.
5 Medium
CVSS2