FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

metamail format string bugs and buffer overflows

Affected packages
metamail < 2.7_2

Details

VuXML ID a20082c3-6255-11d8-80e3-0020ed76ef5a
Discovery 2004-02-18
Entry 2004-02-18
Modified 2004-03-29

Ulf Härnhammar reported four bugs in metamail: two are format string bugs and two are buffer overflows. The bugs are in SaveSquirrelFile(), PrintHeader(), and ShareThisHeader().

These vulnerabilities could be triggered by a maliciously formatted email message if `metamail' or `splitmail' is used to process it, possibly resulting in arbitrary code execution with the privileges of the user reading mail.

References

Bugtraq ID 9692
CVE Name CVE-2004-0104
CVE Name CVE-2004-0105