CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-2873

SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as root in unusual configurations using vpopmail or virtual users, allows local users to cause a denial of service (corrupt arbitrary files) via a symlink attack on a file that is used by spamd.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 21.8%

CVSS Severity

CVSS v2 Score 1.9

References

Products affected by CVE-2007-2873

Spamassassin » Spamassassin » Version: 3.1.0

cpe:2.3:a:spamassassin:spamassassin:3.1.0
Spamassassin » Spamassassin » Version: 3.1.1

cpe:2.3:a:spamassassin:spamassassin:3.1.1
Spamassassin » Spamassassin » Version: 3.1.2

cpe:2.3:a:spamassassin:spamassassin:3.1.2
Spamassassin » Spamassassin » Version: 3.1.3

cpe:2.3:a:spamassassin:spamassassin:3.1.3
Spamassassin » Spamassassin » Version: 3.1.4

cpe:2.3:a:spamassassin:spamassassin:3.1.4
Spamassassin » Spamassassin » Version: 3.1.5

cpe:2.3:a:spamassassin:spamassassin:3.1.5
Spamassassin » Spamassassin » Version: 3.1.6

cpe:2.3:a:spamassassin:spamassassin:3.1.6
Spamassassin » Spamassassin » Version: 3.1.7

cpe:2.3:a:spamassassin:spamassassin:3.1.7
Spamassassin » Spamassassin » Version: 3.1.8

cpe:2.3:a:spamassassin:spamassassin:3.1.8
Spamassassin » Spamassassin » Version: 3.1.9

cpe:2.3:a:spamassassin:spamassassin:3.1.9
Spamassassin » Spamassassin » Version: 3.2.0

cpe:2.3:a:spamassassin:spamassassin:3.2.0
Spamassassin » Spamassassin » Version: 3.2.1

cpe:2.3:a:spamassassin:spamassassin:3.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-2873

Products

Pricing

Contact Us