CVE-2004-0105
published 2004-03-03CVE-2004-0105: Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
PriorityP336high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
8.23%
94.2th percentile
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| metamail_corporation | metamail | <= 2.7 | — |
| metamail_corporation | metamail | — | — |
| redhat | enterprise_linux | — | — |
| redhat | linux_advanced_workstation | — | — |
| sgi | propack | — | — |
| sgi | propack | — | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
security flaw
vendor_redhat·2006-02-12·CVSS 7.5
CVE-2006-0709 [HIGH] security flaw
security flaw
Buffer overflow in Metamail 2.7-50 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via e-mail messages with a long boundary attribute, a different vulnerability than CVE-2004-0105.
Red Hat
security flaw
vendor_redhat·2004-02-18·CVSS 7.5
CVE-2004-0105 [HIGH] security flaw
security flaw
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
GHSA
GHSA-c93r-p92x-rrc3: Buffer overflow in Metamail 2
ghsa_unreviewed·2022-05-01·CVSS 7.5
CVE-2006-0709 [HIGH] GHSA-c93r-p92x-rrc3: Buffer overflow in Metamail 2
Buffer overflow in Metamail 2.7-50 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via e-mail messages with a long boundary attribute, a different vulnerability than CVE-2004-0105.
GHSA
GHSA-xp3c-x693-rrgv: Multiple buffer overflows in Metamail 2
ghsa_unreviewed·2022-04-29
CVE-2004-0105 [HIGH] GHSA-xp3c-x693-rrgv: Multiple buffer overflows in Metamail 2
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2006-0709 security flaw
bugzilla·2018-08-16·CVSS 7.5
CVE-2006-0709 [HIGH] CVE-2006-0709 security flaw
CVE-2006-0709 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Buffer overflow in Metamail 2.7-50 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via e-mail messages with a long boundary attribute, a different vulnerability than CVE-2004-0105.
Bugzilla
CVE-2004-0105 security flaw
bugzilla·2018-08-16·CVSS 7.5
CVE-2004-0105 [HIGH] CVE-2004-0105 security flaw
CVE-2004-0105 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.htmlhttp://marc.info/?l=bugtraq&m=107713476911429&w=2http://secunia.com/advisories/10908http://www.ciac.org/ciac/bulletins/o-083.shtmlhttp://www.debian.org/security/2004/dsa-449http://www.kb.cert.org/vuls/id/513062http://www.mandriva.com/security/advisories?name=MDKSA-2004:014http://www.redhat.com/support/errata/RHSA-2004-073.htmlhttp://www.securityfocus.com/bid/9692http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.404734https://exchange.xforce.ibmcloud.com/vulnerabilities/15247https://exchange.xforce.ibmcloud.com/vulnerabilities/15258http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.htmlhttp://marc.info/?l=bugtraq&m=107713476911429&w=2http://secunia.com/advisories/10908http://www.ciac.org/ciac/bulletins/o-083.shtmlhttp://www.debian.org/security/2004/dsa-449http://www.kb.cert.org/vuls/id/513062http://www.mandriva.com/security/advisories?name=MDKSA-2004:014http://www.redhat.com/support/errata/RHSA-2004-073.htmlhttp://www.securityfocus.com/bid/9692http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.404734https://exchange.xforce.ibmcloud.com/vulnerabilities/15247https://exchange.xforce.ibmcloud.com/vulnerabilities/15258
2004-03-03
Published