CVE-2007-0451

Published: Feb 16, 2007Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Apache SpamAssassin before 3.1.8 allows remote attackers to cause a denial of service via long URLs in malformed HTML, which triggers "massive memory usage."

Affected (8)

Products: Apache: Spamassassin

1 product

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Apache Spamassassin	Up to 3.1.7
Apache Spamassassin	Version 3.0.1
Apache Spamassassin	Version 3.0.2
Apache Spamassassin	Version 3.0.3
Apache Spamassassin	Version 3.0.4
Apache Spamassassin	Version 3.1.0
Apache Spamassassin	Version 3.1.1
Apache Spamassassin	Version 3.1.2

Related CWEs

References (46)

http://fedoranews.org/cms/node/2657

Source: secalert@redhat.com

Patch

http://fedoranews.org/cms/node/2659

Source: secalert@redhat.com

Patch

http://osvdb.org/33207

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2007-0074.html

Source: secalert@redhat.com

http://secunia.com/advisories/24197

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/24200

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/24250

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/24256

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/24265

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/24307

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/24889

Source: secalert@redhat.com

Vendor Advisory

http://security.gentoo.org/glsa/glsa-200703-02.xml

Source: secalert@redhat.com

http://spamassassin.apache.org/advisories/cve-2007-0451.txt

Source: secalert@redhat.com

http://svn.apache.org/repos/asf/spamassassin/branches/3.1/build/announcements/3.1.8.txt

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDKSA-2007:049

Source: secalert@redhat.com

http://www.novell.com/linux/security/advisories/2007_6_sr.html

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2007-0075.html

Source: secalert@redhat.com

http://www.securityfocus.com/bid/22584

Source: secalert@redhat.com

Patch

http://www.securitytracker.com/id?1017666

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2007/0628

Source: secalert@redhat.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/32536

Source: secalert@redhat.com

https://issues.rpath.com/browse/RPL-1073

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10018

Source: secalert@redhat.com

http://fedoranews.org/cms/node/2657

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://fedoranews.org/cms/node/2659

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://osvdb.org/33207

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2007-0074.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/24197

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/24200

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/24250

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/24256

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/24265

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/24307

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/24889

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://security.gentoo.org/glsa/glsa-200703-02.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://spamassassin.apache.org/advisories/cve-2007-0451.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://svn.apache.org/repos/asf/spamassassin/branches/3.1/build/announcements/3.1.8.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDKSA-2007:049

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.novell.com/linux/security/advisories/2007_6_sr.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2007-0075.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/22584

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.securitytracker.com/id?1017666

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2007/0628

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/32536

Source: af854a3a-2127-422b-91ae-364da2661108

https://issues.rpath.com/browse/RPL-1073

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10018

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.