- EPSS 20.23%
- Published 16.11.2017 15:29:00
- Last modified 20.04.2025 01:37:25
Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcode...
CVE-2014-3618
- EPSS 9.82%
- Published 08.09.2014 14:55:02
- Last modified 12.04.2025 10:46:40
Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."
CVE-2001-0905
- EPSS 0.05%
- Published 18.10.2001 04:00:00
- Last modified 03.04.2025 01:03:51
Race condition in signal handling of procmail 3.20 and earlier, when running setuid, allows local users to cause a denial of service or gain root privileges by sending a signal while a signal handling routine is already running.
CVE-1999-0439
- EPSS 0.59%
- Published 05.04.1999 04:00:00
- Last modified 03.04.2025 01:03:51
Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file.
CVE-1999-0475
- EPSS 0.18%
- Published 05.04.1999 04:00:00
- Last modified 03.04.2025 01:03:51
A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail.