Unrated severityNVD Advisory· Published Mar 27, 2010· Updated Jun 16, 2026
CVE-2010-1132
CVE-2010-1132
Description
The mlfi_envrcpt function in spamass-milter.cpp in SpamAssassin Milter Plugin 0.3.1, when using the expand option, allows remote attackers to execute arbitrary system commands via shell metacharacters in the RCPT TO field of an email message.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:georg_greve:spamassassin_milter_plugin:0.3.1:*:*:*:*:*:*:*
- Range: =0.3.1
Patches
Vulnerability mechanics
References
19- archives.neohapsis.com/archives/fulldisclosure/2010-03/0139.htmlnvdExploit
- www.exploit-db.com/exploits/11662nvdExploit
- www.securityfocus.com/bid/38578nvdExploit
- secunia.com/advisories/38840nvdVendor Advisory
- secunia.com/advisories/38956nvdVendor Advisory
- secunia.com/advisories/39265nvdVendor Advisory
- www.vupen.com/english/advisories/2010/0559nvdVendor Advisory
- www.vupen.com/english/advisories/2010/0683nvdVendor Advisory
- www.vupen.com/english/advisories/2010/0837nvdVendor Advisory
- bugs.debian.org/573228nvd
- lists.fedoraproject.org/pipermail/package-announce/2010-April/038535.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2010-April/038572.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2010-April/038777.htmlnvd
- osvdb.org/62809nvd
- www.debian.org/security/2010/dsa-2021nvd
- www.securitytracker.com/idnvd
- bugzilla.redhat.com/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/56732nvd
- savannah.nongnu.org/bugs/nvd
News mentions
0No linked articles in our index yet.