Spamassassin » Spamassassin : Security Vulnerabilities, CVEs,
Off-by-one buffer overflow in spamc of SpamAssassin 2.40 through 2.43, when using BSMTP mode ("-B"), allows remote attackers to execute arbitrary code via email containing headers with leading "." characters.
Max CVSS
7.6
EPSS Score
7.38%
Published
2003-12-31
Updated
2018-10-19
SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to cause a denial of service via certain malformed messages.
Max CVSS
5.0
EPSS Score
3.45%
Published
2004-10-20
Updated
2017-10-11
SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as root in unusual configurations using vpopmail or virtual users, allows local users to cause a denial of service (corrupt arbitrary files) via a symlink attack on a file that is used by spamd.
Max CVSS
1.9
EPSS Score
0.04%
Published
2007-06-11
Updated
2017-10-11
3 vulnerabilities found