1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
5.7%
SpamAssassin provides a way to reduce unsolicited commercial email (spam)
from incoming email.
Martin Krafft discovered a symlink issue in SpamAssassin that affects
certain non-default configurations. A local user could use this flaw to
create or overwrite files writable by the spamd process (CVE-2007-2873).
Users of SpamAssassin should upgrade to these updated packages which
contain a backported patch to correct this issue.
Note: This issue did not affect the version of SpamAssassin shipped with
Red Hat Enterprise Linux 3.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 4 | i386 | spamassassin | < 3.1.9-1.el4 | spamassassin-3.1.9-1.el4.i386.rpm |
RedHat | 4 | s390x | spamassassin | < 3.1.9-1.el4 | spamassassin-3.1.9-1.el4.s390x.rpm |
RedHat | 5 | ia64 | spamassassin | < 3.1.9-1.el5 | spamassassin-3.1.9-1.el5.ia64.rpm |
RedHat | 5 | i386 | spamassassin | < 3.1.9-1.el5 | spamassassin-3.1.9-1.el5.i386.rpm |
RedHat | 5 | ppc | spamassassin | < 3.1.9-1.el5 | spamassassin-3.1.9-1.el5.ppc.rpm |
RedHat | 5 | x86_64 | spamassassin | < 3.1.9-1.el5 | spamassassin-3.1.9-1.el5.x86_64.rpm |
RedHat | 4 | x86_64 | spamassassin | < 3.1.9-1.el4 | spamassassin-3.1.9-1.el4.x86_64.rpm |
RedHat | 5 | s390x | spamassassin | < 3.1.9-1.el5 | spamassassin-3.1.9-1.el5.s390x.rpm |
RedHat | 4 | src | spamassassin | < 3.1.9-1.el4 | spamassassin-3.1.9-1.el4.src.rpm |
RedHat | 4 | ia64 | spamassassin | < 3.1.9-1.el4 | spamassassin-3.1.9-1.el4.ia64.rpm |