Improper Input Validation Vulnerability in Mutt and NeoMutt Email Clients
CVE-2018-14351

9.8CRITICAL

Key Information:

Vendor: Mutt
Status: Mutt; Neomutt
Vendor: CVE Published:; 17 July 2018

🔔 Create Mutt Vulnerability Alert

What is CVE-2018-14351?

An issue has been discovered in the Mutt and NeoMutt email clients where an improperly handled long IMAP status mailbox literal count can lead to unexpected behavior. This flaw may potentially allow an attacker to exploit the email client when processing specially crafted IMAP commands.

References

https://usn.ubuntu.com/3719-3/

vendor-advisoryx_refsource_UBUNTU

https://www.debian.org/security/2018/dsa-4277

vendor-advisoryx_refsource_DEBIAN

https://lists.debian.org/debian-lts-announce/2018/08/msg0...

mailing-listx_refsource_MLIST

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 17, 2018
Vulnerability Reserved
Jul 17, 2018

CVE-2018-14351 Data

.