{"id":"CVE-2003-0167","details":"Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140.","modified":"2026-04-10T03:36:07.448420Z","published":"2003-04-02T05:00:00Z","references":[{"type":"ADVISORY","url":"http://www.debian.org/security/2003/dsa-274"},{"type":"ADVISORY","url":"http://www.debian.org/security/2003/dsa-300"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/7229"},{"type":"FIX","url":"http://www.debian.org/security/2003/dsa-274"},{"type":"FIX","url":"http://www.securityfocus.com/bid/7229"}],"schema_version":"1.7.5"}