CVE-2005-0100
Emacs < 20.0 and XEmacs < 21.4 - Remote Code Execution via Format String in movemail
Title source: llmDescription
Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets.
References (12)
Core 12
Core References
Patch, Vendor Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2005/dsa-671
Patch, Vendor Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2005/dsa-685
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9408
Third Party Advisory, VDB Entry vendor-advisory
x_refsource_fedora
http://www.securityfocus.com/archive/1/433928/30/5010/threaded
Patch, Vendor Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2005/dsa-670
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110780416112719&w=2
Patch, Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2005-110.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/19246
Patch, Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2005-133.html
Patch, Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2005-112.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/12462
Vendor Advisory vendor-advisory
x_refsource_mandrake
http://www.mandriva.com/security/advisories?name=MDKSA-2005:038
Scores
EPSS
0.0284
EPSS Percentile
86.4%
Details
Status
published
Products (3)
gnu/emacs
21.3
gnu/emacs
< 20.0
gnu/xemacs
< 21.4
Published
Feb 07, 2005
Tracked Since
Feb 18, 2026