FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

spamassassin -- multiple vulnerabilities

Affected packages
spamassassin < 3.4.3

Details

VuXML ID 70111759-1dae-11ea-966a-206a8a720317
Discovery 2019-12-11
Entry 2019-12-13

the Apache Spamassassin project reports:

An input validation error of user-supplied input parsing multipart emails. Specially crafted emails can consume all resources on the system.

A local user is able to execute arbitrary shell commands through specially crafted nefarious CF files.

[source]

References

CVE Name CVE-2018-11805
CVE Name CVE-2019-12420
URL https://www.cybersecurity-help.cz/vdb/SB2019121311

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.