Elm Development Group Elm — known CVE vulnerabilities
Every CVE whose affected-product data names Elm Development Group Elm, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2001-1174 — CVSS 7.5 (high): Buffer overflow in Elm 2.5.5 and earlier allows remote attackers to execute arbitrary code via a long Message-ID header.
CVE-1999-1334 — CVSS 7.5 (high): Multiple buffer overflows in filter command in Elm 2.4 allows attackers to execute arbitrary commands via (1) long From: headers, (2) long…
CVE-2003-0966 — CVSS 7.5 (high): Buffer overflow in the frm command in elm 2.5.6 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code…
CVE-2005-2665 — CVSS 7.5 (high): Stack-based buffer overflow in expires.c in Elm 2.5 PL5 through PL7, and possibly other versions, allows remote attackers to execute…
CVE-2003-1323 — CVSS 6.8 (medium): Elm ME+ 2.4 before PL109S, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and…
CVE-1999-1184 — CVSS 4.6 (medium): Buffer overflow in Elm 2.4 and earlier allows local users to gain privileges via a long TERM environmental variable.
CVE-1999-0114 — CVSS 4.6 (medium): Local users can execute commands as other users, and read other users' files, through the filter command in the Elm elm-2.4 mail package…