Back to search
CVE-2021-3181
Published: Jan 19, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
rfc822.c in Mutt through 2.0.4 allows remote attackers to cause a denial of service (mailbox unavailability) by sending email messages with sequences of semicolon characters in RFC822 address fields (aka terminators of empty groups). A small email message from the attacker can cause large memory consumption, and the victim may then be unable to see email messages from other persons.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://gitlab.com/muttmua/mutt/-/issues/323
x_refsource_MISC
[oss-security] 20210119 Re: mutt recipient parsing memory leak
mailing-list
x_refsource_MLIST
[debian-lts-announce] 20210120 [SECURITY] [DLA 2529-1] mutt security update
mailing-list
x_refsource_MLIST
GLSA-202101-25
vendor-advisory
x_refsource_GENTOO
DSA-4838
vendor-advisory
x_refsource_DEBIAN
[oss-security] 20210127 glibc iconv crash with ISO-2022-JP-3
mailing-list
x_refsource_MLIST
FEDORA-2021-a4f016c6c8
vendor-advisory
x_refsource_FEDORA
FEDORA-2021-4205e1fc23
vendor-advisory
x_refsource_FEDORA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now