CVE-2004-0078

Description

Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain mail messages.

How to fix CVE-2004-0078

To remediate CVE-2004-0078, upgrade the affected package to a fixed version below.

• Debian/mutt—upgrade to 1.5.6-20040722+1 or later

Is CVE-2004-0078 being exploited?

Moderate — EPSS is 5.7%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (1)

• from 0, < 1.5.6-20040722+1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2004-0078