Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than CVE-2014-3618.
Max CVSS: 10.0 | EPSS Score: 4.26% | Published: 2017-11-16 | Updated: 2018-02-04
Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."
Max CVSS: 7.5 | EPSS Score: 14.56% | Published: 2014-09-08 | Updated: 2023-02-13
Race condition in signal handling of procmail 3.20 and earlier, when running setuid, allows local users to cause a denial of service or gain root privileges by sending a signal while a signal handling routine is already running.
Max CVSS: 6.2 | EPSS Score: 0.04% | Published: 2001-10-18 | Updated: 2017-10-10
A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail.
Max CVSS: 1.2 | EPSS Score: 0.04% | Published: 1999-04-05 | Updated: 2022-08-17
Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file.
Max CVSS: 7.5 | EPSS Score: 0.34% | Published: 1999-04-05 | Updated: 2022-08-17
5 vulnerabilities found