PT-2018-10818 · Apache+5 · Apache Spamassassin+5

Published

2018-09-17

·

Updated

2019-08-06

·

CVE-2018-11781

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Apache SpamAssassin versions prior to 3.4.2
Description A local user code injection issue exists in the meta rule syntax.
Recommendations For versions prior to 3.4.2, update to Apache SpamAssassin version 3.4.2 to resolve the issue.

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

ALT-PU-2018-2985
ALT-PU-2018-2986
CESA-2018_2916
CVE-2018-11781
DLA-1578-1
MGASA-2018-0425
OPENSUSE-SU-2019:1831-1
OPENSUSE-SU-2019_1831-1
RHSA-2018:2916
RHSA-2018_2916
SUSE-SU-2019:1961-1
SUSE-SU-2019:2011-1
USN-3811-1
USN-3811-3

Affected Products

Alt Linux
Apache Spamassassin
Centos
Red Hat
Suse
Ubuntu