[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS2-2018-1103 --- spamassassin

ID: oval:org.secpod.oval:def:1700090Date: (C)2018-11-20   (M)2023-12-20
Class: PATCHFamily: unix




A flaw was found in the way SpamAssassin processes HTML email containing unclosed HTML tags. A carefully crafted mail message could cause SpamAssassin to consume significant resources. If a large number of these messages are sent, a denial of service could occur potentially delaying or preventing the delivery of email.A flaw was found in the way a local user on the SpamAssassin server could inject code in the meta rule syntax. This could cause the arbitrary code execution on the server when these rules are being processed.

Platform:
Amazon Linux 2
Product:
spamassassin
Reference:
ALAS2-2018-1103
CVE-2017-15705
CVE-2018-11781
CVE    2
CVE-2017-15705
CVE-2018-11781
CPE    11
cpe:/a:apache:spamassassin:3.1.7
cpe:/a:apache:spamassassin:3.0.1
cpe:/a:apache:spamassassin:3.1.1
cpe:/o:amazon:linux:2
...

© SecPod Technologies