The vulnerability of the Apache SpamAssassin spam filtering software lies in the lack of measures to neutralize special elements. This allows attackers to access confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the Apache SpamAssassin spam filtering software lies in the lack of measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to access confidential data, compromise its integrity, and cause service interruptions...

UBUNTU-CVE-2018-11805

In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA 3.4.3, we recommend that users should only use update channels or 3rd party ....

spamassassin: Certain unclosed tags in crafted emails allow for scan timeouts and result in denial of service

A flaw was found in the way SpamAssassin processes HTML email containing unclosed HTML tags. A carefully crafted mail message could cause SpamAssassin to consume significant resources. If a large number of these messages are sent, a denial of service could occur potentially delaying or preventing...

security flaw

SpamAssassin 3.0.4 allows attackers to bypass spam detection via an e-mail with a large number of recipients "To" addresses, which triggers a bus error in Perl...