CVE-2002-0001

critical

Description

Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt 1.3.x before 1.3.25 allows remote attackers to execute arbitrary commands via an improperly terminated comment or phrase in the address list.

References

http://www.securityfocus.com/bid/3774

http://www.redhat.com/support/errata/RHSA-2002-003.html

http://www.novell.com/linux/security/advisories/2002_001_mutt_txt.html

http://www.mutt.org/announce/mutt-1.2.5.1-1.3.25.html

http://www.iss.net/security_center/static/7759.php

http://www.debian.org/security/2002/dsa-096

http://online.securityfocus.com/advisories/3778

http://marc.info/?l=bugtraq&m=100994648918287&w=2

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000449

Details

Source: Mitre, NVD

Published: 2002-02-27

Updated: 2025-04-03

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.02091

Detections

Analytics