March 17, 2001

Elm subject line buffer overflow vulnerability

Author: JT Smith

Security Focus warns of a potential local exploit in the 'elm' mail reader. On some versions, arbitrary code can be executed from the 'subject' field on the command line, possibly allowing a user to change the contents of another's mail.


  • Linux
Click Here!