5 matches found
MiracleLinux 7 : spamassassin-3.4.0-6.el7 (AXSA:2020-599:03)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-599:03 advisory. spamassassin: crafted email message can lead to DoS CVE-2019-12420 CVE-2019-12420 In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to us...
Heap-based Buffer Overflow
Overview OpenEXR is a Python bindings for the OpenEXR image file format Affected versions of this package are vulnerable to Heap-based Buffer Overflow via genericunpack. An attacker can achieve arbitrary code execution by tricking a user into opening a specially crafted EXR file that exploits...
Use of Uninitialized Variable
Overview Affected versions of this package are vulnerable to Use of Uninitialized Variable via the genericunpack function. An attacker can trigger undefined behavior or cause a crash by providing specially crafted input that leads to the use of uninitialized memory. PoC The archive includes the...
DEBIAN-CVE-2019-12420
In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. Upgrading to SA 3.4.3 as soon as possible is the recommended fix but details will not be shared publicly...
UBUNTU-CVE-2019-12420
In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. Upgrading to SA 3.4.3 as soon as possible is the recommended fix but details will not be shared publicly...