Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets.
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9408
https://exchange.xforce.ibmcloud.com/vulnerabilities/19246
http://www.securityfocus.com/bid/12462
http://www.securityfocus.com/archive/1/433928/30/5010/threaded
http://www.redhat.com/support/errata/RHSA-2005-133.html
http://www.redhat.com/support/errata/RHSA-2005-112.html
http://www.redhat.com/support/errata/RHSA-2005-110.html
http://www.mandriva.com/security/advisories?name=MDKSA-2005:038
http://www.debian.org/security/2005/dsa-685
http://www.debian.org/security/2005/dsa-671