Vulnerability Name: | CVE-1999-0439 (CCN-2082) | ||||||||
Assigned: | 1999-04-05 | ||||||||
Published: | 1999-04-05 | ||||||||
Updated: | 2022-08-17 | ||||||||
Summary: | Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file. | ||||||||
CVSS v3 Severity: | 5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: CCN Type: Caldera International, Inc. Security Advisory CSSA-1999-007.0 procmail Source: CCN Type: BugTraq Mailing List, Mon, 5 Apr 1999 02:23:59 -0500 Re: [SECURITY] new version of procmail with security fixes Source: MITRE Type: CNA CVE-1999-0439 Source: DEBIAN Type: Debian Security Advisory 19990422 procmail: Buffer overflows, miscellaneous security updates in procmail. Source: CCN Type: OSVDB ID: 11467 Procmail .procmailrc Expansions Remote Overflow Source: CCN Type: Procmail Project Web site Procmail Homepage Source: XF Type: UNKNOWN procmail-overflow(2082) Source: MISC Type: UNKNOWN https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0439 | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration 2: Denotes that component is vulnerable | ||||||||
BACK |