CVSS: 4.3EPSS: 5%CPEs: 8EXPL: 0CVE-2007-0451
https://notcve.org/view.php?id=CVE-2007-0451
Apache SpamAssassin before 3.1.8 allows remote attackers to cause a denial of service via long URLs in malformed HTML, which triggers "massive memory usage." Apache SpamAssassin versiones anteriores a 3.1.8, permite a atacantes remotos causar una denegación de servicio por medio de URLs largas en HTML malformado, que desencadena un "massive memory usageā • http://fedoranews.org/cms/node/2657 http://fedoranews.org/cms/node/2659 http://osvdb.org/33207 http://rhn.redhat.com/errata/RHSA-2007-0074.html http://secunia.com/advisories/24197 http://secunia.com/advisories/24200 http://secunia.com/advisories/24250 http://secunia.com/advisories/24256 http://secunia.com/advisories/24265 http://secunia.com/advisories/24307 http://secunia.com/advisories/24889 http://security.gentoo.org/glsa/glsa-200703-02.xml http://spamassassi • CWE-399: Resource Management Errors •
CVSS: 5.1EPSS: 94%CPEs: 3EXPL: 2CVE-2006-2447 – SpamAssassin spamd - Remote Command Execution
https://notcve.org/view.php?id=CVE-2006-2447
SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username. • https://www.exploit-db.com/exploits/16920 https://www.exploit-db.com/exploits/9914 http://secunia.com/advisories/20430 http://secunia.com/advisories/20443 http://secunia.com/advisories/20482 http://secunia.com/advisories/20531 http://secunia.com/advisories/20566 http://secunia.com/advisories/20692 http://securitytracker.com/id?1016230 http://securitytracker.com/id?1016235 http://www.debian.org/security/2006/dsa-1090 http://www.gentoo.org/security/en/glsa/glsa-200606- •