CVE-2005-0100

critical

Description

Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9408

https://exchange.xforce.ibmcloud.com/vulnerabilities/19246

http://www.securityfocus.com/bid/12462

http://www.securityfocus.com/archive/1/433928/30/5010/threaded

http://www.redhat.com/support/errata/RHSA-2005-133.html

http://www.redhat.com/support/errata/RHSA-2005-112.html

http://www.redhat.com/support/errata/RHSA-2005-110.html

http://www.mandriva.com/security/advisories?name=MDKSA-2005:038

http://www.debian.org/security/2005/dsa-685

http://www.debian.org/security/2005/dsa-671

http://www.debian.org/security/2005/dsa-670

http://marc.info/?l=bugtraq&m=110780416112719&w=2

Details

Source: Mitre, NVD

Published: 2005-02-07

Updated: 2018-10-19

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

Detections

Analytics