VulnerableCode Package Details - pkg:deb/ubuntu/neomutt@20171208%2Bdfsg.1-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-1h6z-qxe3-aaam Aliases: CVE-2018-14352	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c does not leave room for quote characters, leading to a stack-based buffer overflow.	20180716+dfsg.1-1.2 Affected by 0 other vulnerabilities.
VCID-2aq1-acqr-aaar Aliases: CVE-2018-14354	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with a manual subscription or unsubscription.	20180716+dfsg.1-1.2 Affected by 0 other vulnerabilities.
VCID-2juu-eehq-aaaa Aliases: CVE-2018-14351	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a long IMAP status mailbox literal count size.	20180716+dfsg.1-1.2 Affected by 0 other vulnerabilities.
VCID-6m6x-hruw-aaac Aliases: CVE-2018-14359	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They have a buffer overflow via base64 data.	20180716+dfsg.1-1.2 Affected by 0 other vulnerabilities.
VCID-7taj-u6sy-aaaa Aliases: CVE-2018-14356	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a zero-length UID.	20180716+dfsg.1-1.2 Affected by 0 other vulnerabilities.
VCID-819x-kgxs-aaah Aliases: CVE-2018-14349	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a NO response without a message.	20180716+dfsg.1-1.2 Affected by 0 other vulnerabilities.
VCID-ctdr-g1vk-aaaa Aliases: CVE-2018-14361	An issue was discovered in NeoMutt before 2018-07-16. nntp.c proceeds even if memory allocation fails for messages data.	20180716+dfsg.1-1.2 Affected by 0 other vulnerabilities.
VCID-k5mq-7bwa-aaak Aliases: CVE-2018-14355	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/util.c mishandles ".." directory traversal in a mailbox name.	20180716+dfsg.1-1.2 Affected by 0 other vulnerabilities.
VCID-n745-z1pt-aaaa Aliases: CVE-2018-14350	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field.	20180716+dfsg.1-1.2 Affected by 0 other vulnerabilities.
VCID-qqe2-8rw6-aaaq Aliases: CVE-2018-14357	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with an automatic subscription.	20180716+dfsg.1-1.2 Affected by 0 other vulnerabilities.
VCID-s1qj-2xeh-aaam Aliases: CVE-2018-14358	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field.	20180716+dfsg.1-1.2 Affected by 0 other vulnerabilities.
VCID-tzgj-enns-aaag Aliases: CVE-2018-14360	An issue was discovered in NeoMutt before 2018-07-16. nntp_add_group in newsrc.c has a stack-based buffer overflow because of incorrect sscanf usage.	20180716+dfsg.1-1.2 Affected by 0 other vulnerabilities.
VCID-urhv-8zjs-aaae Aliases: CVE-2018-14353	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c has an integer underflow.	20180716+dfsg.1-1.2 Affected by 0 other vulnerabilities.
VCID-y76w-47t2-aaah Aliases: CVE-2018-14363	An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames.	20180716+dfsg.1-1.2 Affected by 0 other vulnerabilities.
VCID-zcy1-nh9b-aaah Aliases: CVE-2018-14362	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid characters that may have unsafe interaction with message-cache pathnames, as demonstrated by a '/' character.	20180716+dfsg.1-1.2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-1h6z-qxe3-aaam
Aliases:
CVE-2018-14352

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c does not leave room for quote characters, leading to a stack-based buffer overflow.