DEBIAN-CVE-2007-2873

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/DEBIAN-CVE-2007-2873

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2007-2873.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2007-2873

Upstream

CVE-2007-2873

Published

2007-06-11T23:30:00Z

Modified

2025-09-19T06:06:35Z

Summary

[none]

Details

SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as root in unusual configurations using vpopmail or virtual users, allows local users to cause a denial of service (corrupt arbitrary files) via a symlink attack on a file that is used by spamd.

References

https://security-tracker.debian.org/tracker/CVE-2007-2873

Affected packages

Debian:11 / spamassassin

Package

Name: spamassassin
Purl: pkg:deb/debian/spamassassin?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.2.1-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:12 / spamassassin

Package

Name: spamassassin
Purl: pkg:deb/debian/spamassassin?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.2.1-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:13 / spamassassin

Package

Name: spamassassin
Purl: pkg:deb/debian/spamassassin?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.2.1-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:14 / spamassassin

Package

Name: spamassassin
Purl: pkg:deb/debian/spamassassin?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.2.1-1

Ecosystem specific

{
    "urgency": "low"
}