| CVE-2004-0104 | | 0.07 | — | 0.51 | | Mar 3, 2004 | Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code. |
| CVE-2006-0709 | | 0.01 | — | 0.08 | | Feb 15, 2006 | Buffer overflow in Metamail 2.7-50 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via e-mail messages with a long boundary attribute, a different vulnerability than CVE-2004-0105. |
| CVE-2004-0105 | | 0.01 | — | 0.13 | | Mar 3, 2004 | Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code. |
| CVE-2004-1808 | | 0.00 | — | 0.00 | | Dec 31, 2004 | Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack. |
| CVE-1999-1263 | | 0.00 | — | 0.00 | | Aug 15, 2003 | Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary files via an e-mail message containing a uuencoded attachment that specifies the full pathname for the file to be modified, which is processed by uuencode in Metamail scripts such as sun-audio-file. |
| CVE-1999-1261 | | 0.00 | — | 0.01 | | Oct 24, 1997 | Buffer overflow in Rainbow Six Multiplayer allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long nickname (nick) command. |
| CVE-1999-1266 | | 0.00 | — | 0.01 | | Jun 13, 1997 | rsh daemon (rshd) generates different error messages when a valid username is provided versus an invalid name, which allows remote attackers to determine valid users on the system. |
