CVE-2007-2873 in SpamAssassininfo

Summary

SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as root in unusual configurations using vpopmail or virtual users, allows local users to cause a denial of service (corrupt arbitrary files) via a symlink attack on a file that is used by spamd.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

05/29/2007

Disclosure

06/11/2007

Moderation

VulDB entry created

Entries

1: VDB-37243

CPE

ready

CWE

CWE-61 (Confirmed)

CVSS

4.0

EPSS

0.00064

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-2873
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-2873
CVE Details	https://www.cvedetails.com/cve/CVE-2007-2873/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!