PT-2014-1766 · Debian+4 · Mutt+4

Beatrice Torracca +1 · Published 2014-03-14 · Updated 2024-06-15 · CVE-2014-0467

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Mutt versions prior to 1.5.23

Description

The issue is related to multiple vulnerabilities in the Mutt package of the Debian GNU/Linux operating system, which can disrupt the availability of protected information. These vulnerabilities can be exploited remotely. A buffer overflow in the copy.c file of Mutt before version 1.5.23 allows remote attackers to cause a denial of service (crash) via a crafted RFC2047 header line, related to address expansion.

Recommendations

For versions prior to 1.5.23, update to version 1.5.23 or later to resolve the issue. As a temporary workaround, consider restricting access to the copy.c file or disabling the address expansion feature in Mutt until a patch is available. Avoid using crafted RFC2047 header lines in the affected Mutt versions to minimize the risk of exploitation.

Fix

DoS

Buffer Overflow

Weakness Enumeration

Related Identifiers

ALT-PU-2015-1458
BDU:2015-01338
CESA-2014_0304
CVE-2014-0467
DSA-2874-1
MGASA-2014-0141
OPENSUSE-SU-2024:10198-1
RHSA-2014:0304
RHSA-2014_0304
SUSE-SU-2014_0471-1
SUSE-SU-2015:0758-1

Affected Products

ALT Linux
CentOS
Mutt
Red Hat
SUSE