Lucene search

[email protected]CVE-2005-0100

HistoryFeb 07, 2005 - 5:00 a.m.

CVE-2005-0100

2005-02-0705:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-0100

format string vulnerability

movemail utility

emacs

xemacs

remote code execution

nvd

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

80.1%

JSON

Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets.

CPENameOperatorVersion
gnu:emacsgnu emacseq21.3
gnu:xemacsgnu xemacsle21.4
gnu:emacsgnu emacsle20.0

CPE	Name	Operator	Version
gnu:emacs	gnu emacs	eq	21.3
gnu:xemacs	gnu xemacs	le	21.4
gnu:emacs	gnu emacs	le	20.0

References

marc.info/?l=bugtraq&m=110780416112719&w=2

www.debian.org/security/2005/dsa-670

www.debian.org/security/2005/dsa-671

www.debian.org/security/2005/dsa-685

www.mandriva.com/security/advisories?name=MDKSA-2005:038

www.redhat.com/support/errata/RHSA-2005-110.html

www.redhat.com/support/errata/RHSA-2005-112.html

www.redhat.com/support/errata/RHSA-2005-133.html

www.securityfocus.com/archive/1/433928/30/5010/threaded

www.securityfocus.com/bid/12462

exchange.xforce.ibmcloud.com/vulnerabilities/19246

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9408

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

80.1%

JSON

Related for CVE-2005-0100

nessus15 redhat4 openvas13 freebsd1 debian6 osv3 ubuntucve1 ubuntu1 debiancve1 securityvulns1 gentoo1