CVE-1999-0365

The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry.