RSS   Vulnerabilities for 'Spamassassin milter plugin'   RSS

2010-03-27
 
CVE-2010-1132

CWE-78
 

 
The mlfi_envrcpt function in spamass-milter.cpp in SpamAssassin Milter Plugin 0.3.1, when using the expand option, allows remote attackers to execute arbitrary system commands via shell metacharacters in the RCPT TO field of an email message.

 


Copyright 2024, cxsecurity.com

 

Back to Top