Critical severity9.8NVD Advisory· Published Sep 17, 2018· Updated Jun 17, 2026
CVE-2018-11780
CVE-2018-11780
Description
A potential Remote Code Execution bug exists with the PDFInfo plugin in Apache SpamAssassin before 3.4.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9<3.4.2+ 1 more
- (no CPE)range: <3.4.2
- (no CPE)range: before 3.4.2
- osv-coords7 versionspkg:rpm/opensuse/spamassassin&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/spamassassin&distro=openSUSE%20Tumbleweedpkg:rpm/suse/spamassassin&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4pkg:rpm/suse/spamassassin&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/spamassassin&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015pkg:rpm/suse/spamassassin&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/spamassassin&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4
< 3.4.2-lp150.6.3.1+ 6 more
- (no CPE)range: < 3.4.2-lp150.6.3.1
- (no CPE)range: < 3.4.6-71.3
- (no CPE)range: < 3.4.2-44.3.1
- (no CPE)range: < 3.4.2-7.4.1
- (no CPE)range: < 3.4.2-7.4.1
- (no CPE)range: < 3.4.2-44.3.1
- (no CPE)range: < 3.4.2-44.3.1
Patches
Vulnerability mechanics
References
7- www.securityfocus.com/bid/105373nvdThird Party AdvisoryVDB Entry
- lists.debian.org/debian-lts-announce/2018/11/msg00016.htmlnvdMailing ListThird Party Advisory
- security.gentoo.org/glsa/201812-07nvdThird Party Advisory
- usn.ubuntu.com/3811-1/nvdThird Party Advisory
- usn.ubuntu.com/3811-3/nvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2019-08/msg00002.htmlnvd
- lists.apache.org/thread.html/7f6a16bc0fd0fd5e67c7fd95bd655069a2ac7d1f88e42d3c853e601c%40%3Cannounce.apache.org%3Envd
News mentions
0No linked articles in our index yet.