Buffer Overflow in GNU Mailutils Allows Remote Code Execution
CVE-2005-1520

Currently unrated

Key Information:

Vendor: Gnu
Status: Mailutils
Vendor: CVE Published:; 26 May 2005

Summary

The vulnerability arises from a buffer overflow in the header_get_field_name function within header.c of GNU Mailutils versions 0.5 and 0.6, and earlier versions before 0.6.90. This flaw permits remote attackers to execute arbitrary code by sending a specially crafted email, posing significant security risks to systems utilizing this software.

References

http://securitytracker.com/id?1014052

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/13766

vdb-entryx_refsource_BID

http://secunia.com/advisories/15442

third-party-advisoryx_refsource_SECUNIA

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 26, 2005
Vulnerability Reserved
May 12, 2005