CVE-2005-0100
emacs21 - format string
EPSS 2.8%
Description
Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets.
How to fix CVE-2005-0100
To remediate CVE-2005-0100, upgrade the affected package to a fixed version below.
- Debian/emacs20—upgrade to 20.7-13.3 or later
- Debian/emacs21—upgrade to 21.2-1woody3 or later
- Debian/xemacs21—upgrade to 21.4.16-2 or later
- —upgrade to 21.4.6-8woody2 or later
Is CVE-2005-0100 being exploited?
Low — EPSS is 2.8%, meaning exploitation activity has not been observed at scale.
Affected packages (4)
- from 0, < 20.7-13.3
- from 0, < 21.2-1woody3
- from 0, < 21.4.16-2
- from 0, < 21.4.6-8woody2