7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.049 Low
EPSS
Percentile
92.8%
Ulf Härnhammar reports multiple buffer overflows in
Emil, some of which are triggered during the parsing
of attachment filenames. In addition, some format string bugs
are present in the error reporting code.
Depending upon local configuration, these vulnerabilities
may be exploited using specially crafted messages in order
to execute arbitrary code running with the privileges of
the user invoking Emil.