VULHUB ™

FreeBSD Security Advisory - (Revised Mar 19) MH and its successor NMH are popular Mail User Agents, availabe in the FreeBSD ports collection. EXMH and EXMH2 are TCL/TK-based front-ends to the MH system. The mhshow command used for viewing MIME attachments contains a buffer overflow which can be exploited by a specially-crafted email attachment, which will allow the execution of arbitrary code as the local user when the attachment is opened. The japanese version is also vulnerable.

FreeBSD Security Advisory - (Revised Mar 19) MH and its successor NMH are popular Mail User Agents, availabe in the FreeBSD ports collection. EXMH and EXMH2 are TCL/TK-based front-ends to the MH system. The mhshow command used for viewing MIME attachments contains a buffer overflow which can be exploited by a specially-crafted email attachment, which will allow the execution of arbitrary code as the local user when the attachment is opened. The japanese version is also vulnerable.