|
A remote overflow exists in GNU Emacs. The movemail function fails to adequately check responses from POP3 Servers in popmail() resulting in a format string overflow. With a specially crafted response, an attacker with a malicious POP3 Server can gain remote access with privilege of the logged on user and the effective group ID of the mail group resulting in a loss of integrity.
|