emacs21 -- format string

2005-02-17T00:00:00
ID DSA-685
Type debian
Reporter Debian
Modified 2005-02-17T00:00:00

Description

Max Vozeler discovered several format string vulnerabilities in the movemail utility of Emacs, the well-known editor. Via connecting to a malicious POP server an attacker can execute arbitrary code under the privileges of group mail.

For the stable distribution (woody) these problems have been fixed in version 21.2-1woody3.

For the unstable distribution (sid) these problems have been fixed in version 21.3+1-9.

We recommend that you upgrade your emacs packages.