Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2005-0100

Published: 07/02/2005 Updated: 19/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Emacs

Vulnerability Summary

Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and previous versions, allows remote malicious POP3 servers to execute arbitrary code via crafted packets.

Vulnerable Product Search on Vulmon Subscribe to Product

gnu emacs 21.3

gnu emacs

gnu xemacs

Vendor Advisories

Ubuntu Security Notice: emacs21 vulnerability
Max Vozeler discovered a format string vulnerability in the “movemail” utility of Emacs By sending specially crafted packets, a malicious POP3 server could cause a buffer overflow, which could have been exploited to execute arbitrary code with the privileges of the user and the “mail” group (since “movemail” is installed as “setgid m ...
Red Hat: emacs security update
Synopsis emacs security update Type/Severity Security Advisory: Important Topic Updated Emacs packages that fix a string format issue are now available Description Emacs is a powerful, customizable, self-documenting, modeless text editorMax Vozeler discovered several format string vulnera ...
Red Hat: xemacs security update
Synopsis xemacs security update Type/Severity Security Advisory: Important Topic Updated XEmacs packages that fix a string format issue are now available forRed Hat Enterprise Linux 4This update has been rated as having important security impact by the RedHat Security Response Team Description ...
Red Hat: xemacs security update
Synopsis xemacs security update Type/Severity Security Advisory: Important Topic Updated XEmacs packages that fix a string format issue are now available Description XEmacs is a powerful, customizable, self-documenting, modeless text editorMax Vozeler discovered several format string vuln ...
Red Hat: emacs security update
Synopsis emacs security update Type/Severity Security Advisory: Important Topic Updated Emacs packages that fix a string format issue are now available forRed Hat Enterprise Linux 4This update has been rated as having important security impact by the RedHat Security Response Team Description ...
Debian Security Advisories: DSA-670-1 emacs20 -- format string
Max Vozeler discovered several format string vulnerabilities in the movemail utility of Emacs, the well-known editor Via connecting to a malicious POP server an attacker can execute arbitrary code under the privileges of group mail For the stable distribution (woody) these problems have been fixed in version 207-133 The unstable distribution ( ...
Debian Security Advisories: DSA-671-1 xemacs21 -- format string
Max Vozeler discovered several format string vulnerabilities in the movemail utility of Emacs, the well-known editor Via connecting to a malicious POP server an attacker can execute arbitrary code under the privileges of group mail For the stable distribution (woody) these problems have been fixed in version 2146-8woody2 For the unstable distr ...

References

NVD-CWE-Otherhttp://www.debian.org/security/2005/dsa-670http://www.debian.org/security/2005/dsa-671http://www.debian.org/security/2005/dsa-685http://www.redhat.com/support/errata/RHSA-2005-110.htmlhttp://www.redhat.com/support/errata/RHSA-2005-112.htmlhttp://www.redhat.com/support/errata/RHSA-2005-133.htmlhttp://www.securityfocus.com/bid/12462http://www.mandriva.com/security/advisories?name=MDKSA-2005:038http://marc.info/?l=bugtraq&m=110780416112719&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/19246https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9408http://www.securityfocus.com/archive/1/433928/30/5010/threadedhttps://usn.ubuntu.com/76-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654CVE-2023-49606encryptionNULL pointer dereferenceCVE-2024-4439CVE-2024-4649race conditionCVE-2024-27202CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook