Format String Vulnerability in Emacs and XEmacs Movemail Utility
CVE-2005-0100

Currently unrated

Key Information:

Vendor: Gnu
Status: Emacs; Xemacs
Vendor: CVE Published:; 7 February 2005

What is CVE-2005-0100?

A format string vulnerability exists in the movemail utility of Emacs and XEmacs, which can be exploited by remote malicious POP3 servers. By sending specially crafted packets, attackers can execute arbitrary code on the affected systems. This vulnerability impacts various versions of Emacs 20.x, 21.3, and XEmacs 21.4 and earlier. Proper input validation and buffer management are crucial to mitigate the risks associated with this vulnerability.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.debian.org/security/2005/dsa-671

vendor-advisoryx_refsource_DEBIAN

http://www.securityfocus.com/archive/1/433928/30/5010/thr...

vendor-advisoryx_refsource_FEDORA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 7, 2005
Vulnerability Reserved
Jan 18, 2005

Gnu

What is CVE-2005-0100?

References

Timeline