RPMMail prior to 1.4 allows remote malicious users to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command.
redhat linux 6.0