PT-2022-3657 · Mutt +10

Tavis Ormandy · Published 2022-04-05 · Updated 2025-01-15 · CVE-2022-1328

CVSS v3.1: 6.5 Medium

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Name of the Vulnerable Software and Affected Versions: Mutt versions 0.94.13 through 2.2.3
Description: The issue is related to a buffer overflow in the mutt_decode_uuencoded() function of the Mutt email client. This can allow a remote attacker to gain unauthorized access to protected information or cause a denial of service. The problem arises from the function reading past the end of an input line.
Recommendations: For versions 0.94.13 through 2.2.3, update to version 2.2.3 or later to resolve the issue. As a temporary workaround, consider disabling the mutt_decode_uuencoded() function until a patch is available.

Exploit

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

ALSA-2022:7640
ALSA-2022:8219
ALSA-2022_7640
ALSA-2022_8219
AZL-9472
BDU:2022-04443
CESA-2022_7640
CVE-2022-1328
DLA-2999-1
MGASA-2023-0232
OESA-2022-1633
OPENSUSE-SU-2022:10020-1
OPENSUSE-SU-2022_1376-1
OPENSUSE-SU-2024:12010-1
OPENSUSE-SU-2024:12105-1
RHSA-2022:7640
RHSA-2022:8219
RHSA-2022_7640
RHSA-2022_8219
RLSA-2022:7640
RLSA-2022:8219
SUSE-SU-2022:1376-1
SUSE-SU-2022:1478-1
SUSE-SU-2022_1376-1
SUSE-SU-2022_1478-1
USN-5392-1
USN-7204-1

Affected Products

AlmaLinux
Astra Linux
CentOS
Debian
Linux Mint
Mutt
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu