VDB
CVE-2007-2683
CVE-2007-2683
PUBLISHED
CVSS 3.5 LOW
Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via "&" characters in the GECOS field, which triggers the overflow during alias expansion.
EPSS 0.18% · 38.8th percentile
Risk Scores
CVSS 2.0
3.5
EPSS Score
0.18%
38.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| mutt | mutt | 1.4.2 |
Exploit Intelligence
- 25529 (circl)
- 1018066 (circl)
- 2007-0024 (circl)
- 26415 (circl)
- http://dev.mutt.org/trac/ticket/2885 (circl)
- 25408 (circl)
- 34973 (circl)
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=239890 (circl)
- oval:org.mitre.oval:def:10543 (circl)
- 25546 (circl)
…and 6 more exploits
Timeline
- May 15, 2007 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 27, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 26, 2023 EPSS Score
References
- 25529 third-party-advisory
- 1018066 vdb
- 2007-0024 vendor-advisory
- 26415 third-party-advisory
- http://dev.mutt.org/trac/ticket/2885 url
- 25408 third-party-advisory
- 34973 vdb
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=239890 url
- oval:org.mitre.oval:def:10543 vdb
- 25546 third-party-advisory
- 25515 third-party-advisory
- mutt-gecos-bo(34441) vdb
- MDKSA-2007:113 vendor-advisory
- RHSA-2007:0386 vendor-advisory
- 24192 vdb
- https://issues.rpath.com/browse/RPL-1391 url
- https://nvd.nist.gov/vuln/detail/CVE-2007-2683 advisory
- http://www.trustix.org/errata/2007/0024 url