Description
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Ulf Harnhammar · textremotelinux
https://www.exploit-db.com/exploits/23728
References (12)
Core 12
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15259
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2004/dsa-449
Vendor Advisory vendor-advisory
x_refsource_slackware
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.404734
Third Party Advisory, US Government Resource third-party-advisory
government-resource
x_refsource_ciac
http://www.ciac.org/ciac/bulletins/o-083.shtml
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/9692
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/10908
Vendor Advisory vendor-advisory
x_refsource_mandrake
http://www.mandriva.com/security/advisories?name=MDKSA-2004:014
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15245
Patch, Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2004-073.html
Third Party Advisory mailing-list
x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/518518
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=107713476911429&w=2
Scores
EPSS
0.5105
EPSS Percentile
97.9%
Details
Status
published
Products (5)
metamail_corporation/metamail
< 2.7
redhat/enterprise_linux
2.1 (3 CPE variants)
redhat/linux_advanced_workstation
2.1
sgi/propack
2.3
sgi/propack
2.4
Published
Mar 03, 2004
Tracked Since
Feb 18, 2026