Your submission was sent successfully! Close

CVE-2018-14358

Published: 17 July 2018

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
mutt
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic
Released (1.9.4-3ubuntu0.1)
cosmic
Released (1.10.1-1)
disco
Released (1.10.1-1)
eoan
Released (1.10.1-1)
focal
Released (1.10.1-1)
groovy
Released (1.10.1-1)
hirsute
Released (1.10.1-1)
impish
Released (1.10.1-1)
jammy
Released (1.10.1-1)
precise
Released (1.5.21-5ubuntu2.3)
trusty Does not exist
(trusty was released [1.5.21-6.4ubuntu2.2])
upstream
Released (1.10.1)
xenial
Released (1.5.24-1ubuntu0.1)
Patches:
other: https://gitlab.com/muttmua/mutt/commit/3287534daa3beac68e2e83ca4b4fe8a3148ff870
neomutt
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Needed

cosmic Ignored
(reached end-of-life)
disco Not vulnerable
(20180716+dfsg.1-1)
eoan Not vulnerable
(20180716+dfsg.1-1.2)
focal Not vulnerable
(20180716+dfsg.1-1.2)
groovy Not vulnerable
(20180716+dfsg.1-1.2)
hirsute Not vulnerable
(20180716+dfsg.1-1.2)
impish Not vulnerable
(20180716+dfsg.1-1.2)
jammy Not vulnerable
(20180716+dfsg.1-1.2)
precise Does not exist

trusty Does not exist

upstream
Released (20180716+dfsg.1-1)
xenial Does not exist