Apache: >> Spamassassin >> 3.1.1 Security Vulnerabilities
SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username.
CVSS Score
5.1
EPSS Score
0.744
Published
2006-06-06
Page 2