Total vulnerabilities in the database
The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt_substrdup function.
| Software | From | Fixed in |
|---|---|---|
| suse / linux_enterprise_desktop | 12 | 12.x |
| suse / suse_linux_enterprise_server | 12 | 12.x |
| mutt / mutt | 1.5.23 | 1.5.23.x |
| debian / debian_linux | 7.0 | 7.0.x |
| mageia / mageia | 4.0 | 4.0.x |