mutt CVE Vulnerabilities & CVE List (52)

Products (CPE): — CVEs: 52

mutt vulnerability overview

Aggregates CVE and security vulnerability intelligence across all mutt-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical issues mainly involve vendor risk buffer overflow, vendor risk memory corruption, vendor risk input validation, and vendor risk path handling and related problems; some flaws may lead to vendor impact memory corruption.

Vulnerability distribution trend (last 24 months)

Showing 4152 of 52 CVEs
«« First « Prev Page 3 / 3 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2006-5297 Race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems. [email protected] 1.2 0.34% 2006-10-16 2026-06-16
CVE-2006-3242 Stack-based buffer overflow in the browse_get_namespace function in imap/browse.c of Mutt 1.4.2.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via long namespaces received from the IMAP server. [email protected] 7.5 5.89% 2006-06-27 2026-06-16
CVE-2005-2642 Buffer overflow in the mutt_decode_xbit function in Handler.c for Mutt 1.5.10 allows remote attackers to execute arbitrary code, possibly due to interactions with libiconv or gettext. [email protected] 7.5 4.48% 2005-08-23 2026-06-16
CVE-2004-0078 Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain mail messages. [email protected] 7.5 5.43% 2004-03-03 2026-06-16
CVE-2003-0300 The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors. [email protected] 5.0 3.36% 2003-06-16 2026-06-16
CVE-2003-0299 The IMAP Client, as used in mutt 1.4.1 and Balsa 2.0.10, allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large mailbox size values that cause either integer signedness errors or integer overflow errors. [email protected] 7.5 2.10% 2003-06-16 2026-06-16
CVE-2003-0167 Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140. [email protected] 7.5 2.54% 2003-04-02 2026-06-16
CVE-2003-0140 Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up to 1.5.3, and other programs that use Mutt code such as Balsa before 2.0.10, allows a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a crafted folder. [email protected] 7.5 4.49% 2003-03-24 2026-06-16
CVE-2002-0001 Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt 1.3.x before 1.3.25 allows remote attackers to execute arbitrary commands via an improperly terminated comment or phrase in the address list. [email protected] 7.5 3.37% 2002-02-27 2026-06-16
CVE-2001-0473 Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands. [email protected] 7.5 2.06% 2001-06-27 2026-06-16
CVE-1999-0940 Buffer overflow in mutt mail client allows remote attackers to execute commands via malformed MIME messages. [email protected] 7.5 2.66% 1999-09-27 2026-06-16
CVE-1999-0941 Mutt mail client allows a remote attacker to execute commands via shell metacharacters. [email protected] 7.5 1.86% 1998-07-28 2026-06-16
«« First « Prev Page 3 / 3 Next »
cvelogic Threat Intelligence