The IMAP Client, as used in mutt 1.4.1 and Balsa 2.0.10, allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large mailbox size values that cause either integer signedness errors or integer overflow errors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mutt | mutt | 1.4.1 |
| stuart_parmenter | balsa | 2.0.10 |
The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sylpheed | sylpheed_email_client | 0.8.11 |
| university_of_washington | pine | 4.53 |
| mutt | mutt | 1.4.1 |
| microsoft | outlook_express | 6.00.2800.1106 |
| ximian | evolution | 1.2.4 |
| mozilla | mozilla | 1.4 |
| stuart_parmenter | balsa | 2.0.10 |
| qualcomm | eudora | 5.2.1 |
| mozilla | mozilla | 1.3 |