Procmail: >> Procmail >> 3.22 Security Vulnerabilities
Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than CVE-2014-3618.
CVSS Score
9.8
EPSS Score
0.141
Published
2017-11-16
Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."
CVSS Score
7.5
EPSS Score
0.102
Published
2014-09-08
A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail.
CVSS Score
1.2
EPSS Score
0.002
Published
1999-04-05