CVE-2023-4875

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Published Sep 9, 2023

Updated: Oct 15, 2023

CWE ID 476

CWE ID 475

Summary

CVE-2023-4875 is a vulnerability affecting versions of Mutt email client between 1.5.2 and 2.2.12. This issue arises from a null pointer dereference that occurs when processing a maliciously crafted draft message. An attacker could exploit this flaw to cause Mutt to crash, leading to potential denial-of-service attacks or, in some cases, potentially executing arbitrary code. Users are advised to update their Mutt installation to a patched version as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Mutt
Debian

Affected Vendors

Debian

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sottIl
https://www.cve.org/CVERecord?id=CVE-2023-4875
https://nvd.nist.gov/vuln/detail/CVE-2023-4875

Back to Vulnerability Database