CVE-2003-0167
EPSS 0.93%balsa - buffer overflow
Published: 4/2/2003Modified: 4/28/2026
Description
Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140.
Affected packages (4)
- Debian/balsafrom 0, < 2.0.10
- Debian/balsafrom 0, < 1.2.4-2.2
- Debian/muttfrom 0, < 1.4.0
- Debian/muttfrom 0, < 1.3.28-2.2