Lucene search

FreeBSD70111759-1DAE-11EA-966A-206A8A720317

HistoryDec 11, 2019 - 12:00 a.m.

spamassassin -- multiple vulnerabilities

2019-12-1100:00:00

vuxml.freebsd.org

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

82.1%

JSON

the Apache Spamassassin project reports:

An input validation error of user-supplied input parsing
multipart emails. Specially crafted emails can consume all
resources on the system.
A local user is able to execute arbitrary shell commands
through specially crafted nefarious CF files.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchspamassassin< 3.4.3UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	spamassassin	< 3.4.3	UNKNOWN

References

www.cybersecurity-help.cz/vdb/SB2019121311

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

82.1%

JSON

Related for 70111759-1DAE-11EA-966A-206A8A720317