Advisories » MGASA-2014-0141

Updated mutt package fixes security vulnerability

Publication date: 31 Mar 2014
Modification date: 31 Mar 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-0467

Description

A heap-based buffer overflow flaw was found in the way mutt processed
certain email headers. A remote attacker could use this flaw to send an
email with specially crafted headers that, when processed, could cause
mutt to crash or, potentially, execute arbitrary code with the permissions
of the user running mutt (CVE-2014-0467).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=13004
• https://rhn.redhat.com/errata/RHSA-2014-0304.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467

SRPMS

3/core

• mutt-1.5.21-10.1.mga3

4/core

• mutt-1.5.21-12.1.mga4