CVE-2006-3242 — mutt - buffer overflow

Description

Stack-based buffer overflow in the browse_get_namespace function in imap/browse.c of Mutt 1.4.2.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via long namespaces received from the IMAP server.

How to fix CVE-2006-3242

To remediate CVE-2006-3242, upgrade the affected package to a fixed version below.

Debian/mutt—upgrade to 1.5.11+cvs20060403-2 or later
Debian/mutt—upgrade to 1.5.9-2sarge2 or later

Is CVE-2006-3242 being exploited?

Moderate — EPSS is 7.5%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (2)

from 0, < 1.5.11+cvs20060403-2
from 0, < 1.5.9-2sarge2

References (1)

ADVISORYsecurity-tracker.debian.org/tracker/CVE-2006-3242