Unrated severityNVD Advisory· Published Feb 7, 2005· Updated Apr 16, 2026

CVE-2005-0100

Description

Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets.

Affected products

GNU/Emacs2 versions
cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*range: <=20.0
- cpe:2.3:a:gnu:emacs:21.3:*:*:*:*:*:*:*
GNU/Xemacs
cpe:2.3:a:gnu:xemacs:*:*:*:*:*:*:*:*
Range: <=21.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.debian.org/security/2005/dsa-670nvdPatchVendor Advisory
www.debian.org/security/2005/dsa-671nvdPatchVendor Advisory
www.debian.org/security/2005/dsa-685nvdPatchVendor Advisory
www.redhat.com/support/errata/RHSA-2005-110.htmlnvdPatchVendor Advisory
www.redhat.com/support/errata/RHSA-2005-112.htmlnvdPatchVendor Advisory
www.redhat.com/support/errata/RHSA-2005-133.htmlnvdPatchVendor Advisory
marc.infonvd
www.mandriva.com/security/advisoriesnvd
www.securityfocus.com/archive/1/433928/30/5010/threadednvd
www.securityfocus.com/bid/12462nvd
exchange.xforce.ibmcloud.com/vulnerabilities/19246nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9408nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000