CVE-2014-3618CVE-2014-3618

Affected configuration(s):

cpe:/a:procmail:procmail:3.22
cpe:/o:canonical:ubuntu_linux:10.04:-:lts
cpe:/o:canonical:ubuntu_linux:12.04:-:lts
cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~

Date published: 2014-09-08T10:55:02.810-04:00

Date last modified: 2017-08-28T21:34:48.623-04:00

CVSS Score: 7.5

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://linux.oracle.com/errata/ELSA-2014-1172.html

Summary: Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to “unbalanced quotes.”

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.