Unrated severityNVD Advisory· Published Jun 11, 2007· Updated Apr 23, 2026
CVE-2007-2873
CVE-2007-2873
Description
SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as root in unusual configurations using vpopmail or virtual users, allows local users to cause a denial of service (corrupt arbitrary files) via a symlink attack on a file that is used by spamd.
Affected products
12cpe:2.3:a:spamassassin:spamassassin:3.1.0:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:spamassassin:spamassassin:3.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:spamassassin:spamassassin:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:spamassassin:spamassassin:3.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:spamassassin:spamassassin:3.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:spamassassin:spamassassin:3.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:spamassassin:spamassassin:3.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:spamassassin:spamassassin:3.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:spamassassin:spamassassin:3.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:spamassassin:spamassassin:3.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:spamassassin:spamassassin:3.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:spamassassin:spamassassin:3.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:spamassassin:spamassassin:3.2.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- osvdb.org/37234nvd
- spamassassin.apache.org/advisories/cve-2007-2873.txtnvd
- www.mandriva.com/security/advisoriesnvd
- www.redhat.com/support/errata/RHSA-2007-0492.htmlnvd
- www.securityfocus.com/bid/24481nvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2007/2172nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/34864nvd
- issues.rpath.com/browse/RPL-1450nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10354nvd
News mentions
0No linked articles in our index yet.