CVE-2004-0104

Metamail < 2.7 - Remote Code Execution via Format String Vulnerability

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0104. PoCs published by Ulf Harnhammar.

AI-analyzed exploit summary The exploit targets multiple vulnerabilities in Metamail, including buffer overflows and format string vulnerabilities, which can lead to arbitrary code execution. The provided links point to binary exploits or related files for these vulnerabilities.

Description

Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Ulf Harnhammar · textremotelinux

https://www.exploit-db.com/exploits/23728

View Code ZIP pw:eip

The exploit targets multiple vulnerabilities in Metamail, including buffer overflows and format string vulnerabilities, which can lead to arbitrary code execution. The provided links point to binary exploits or related files for these vulnerabilities.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Metamail (versions affected by CVE-2004-0104)

No auth needed

Prerequisites: Victim must process a malicious email or file with Metamail

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (12)

Core 12

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/15259

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2004/dsa-449

Vendor Advisory vendor-advisory x_refsource_slackware

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.404734

Third Party Advisory, US Government Resource third-party-advisory government-resource x_refsource_ciac

http://www.ciac.org/ciac/bulletins/o-083.shtml

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/9692

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/10908

Vendor Advisory vendor-advisory x_refsource_mandrake

http://www.mandriva.com/security/advisories?name=MDKSA-2004:014

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/15245

Patch, Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2004-073.html

Third Party Advisory mailing-list x_refsource_vulnwatch

http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/518518

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=107713476911429&w=2

Scores

EPSS 0.2622

EPSS Percentile 97.7%

Details

Status published

Products (5)

metamail_corporation/metamail < 2.7

redhat/enterprise_linux 2.1 (3 CPE variants)

redhat/linux_advanced_workstation 2.1

sgi/propack 2.3

sgi/propack 2.4

Published Mar 03, 2004

Tracked Since Feb 18, 2026