Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2004-0104

Published: 03/03/2004 Updated: 11/07/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Propack

Vulnerability Summary

Multiple format string vulnerabilities in Metamail 2.7 and previous versions allow remote malicious users to execute arbitrary code.

Vulnerable Product Search on Vulmon Subscribe to Product

sgi propack 2.3

sgi propack 2.4

metamail corporation metamail

redhat linux advanced workstation 2.1

redhat enterprise linux 2.1

Vendor Advisories

Debian Security Advisories: DSA-449-1 metamail -- buffer overflow, format string bugs
Ulf Härnhammar discovered two format string bugs (CAN-2004-0104) and two buffer overflow bugs (CAN-2004-0105) in metamail, an implementation of MIME An attacker could create a carefully-crafted mail message which will execute arbitrary code as the victim when it is opened and parsed through metamail We have been devoting some effort to trying to ...

Exploits

Exploit DB: Metamail 2.7 - Multiple Buffer Overflow / Format String Handling Vulnerabilities
source: wwwsecurityfocuscom/bid/9692/info Metamail has been reported prone to multiple vulnerabilities that may provide for arbitrary code execution Two buffer overflow vulnerabilities have been reported to affect Metamail Additionally, two format string-handling vulnerabilities have been reported These issues may also be exploited by ...

References

NVD-CWE-Otherhttp://www.redhat.com/support/errata/RHSA-2004-073.htmlhttp://www.securityfocus.com/bid/9692http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.htmlhttp://www.debian.org/security/2004/dsa-449http://www.kb.cert.org/vuls/id/518518http://secunia.com/advisories/10908http://www.ciac.org/ciac/bulletins/o-083.shtmlhttp://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.404734http://www.mandriva.com/security/advisories?name=MDKSA-2004:014http://marc.info/?l=bugtraq&m=107713476911429&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/15259https://exchange.xforce.ibmcloud.com/vulnerabilities/15245https://nvd.nist.govhttps://www.debian.org/security/./dsa-449https://www.exploit-db.com/exploits/23728/https://www.kb.cert.org/vuls/id/518518
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook