Elm is a terminal mode email client.
A buffer overflow flaw in Elm was discovered that was triggered by viewing
a mailbox containing a message with a carefully crafted ‘Expires’ header.
An attacker could create a malicious message that would execute arbitrary
code with the privileges of the user who received it. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-2665 to this issue.
Users of Elm should update to this updated package, which contains a
backported patch that corrects this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ia64 | elm | < 2.5.6-6 | elm-2.5.6-6.ia64.rpm |
RedHat | any | i386 | elm | < 2.5.6-6 | elm-2.5.6-6.i386.rpm |