Procmail

procmail

Vendor: Procmail • 5 CVEs

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-16844 1Procmail 1Procmail May 13, 2026 Nov 16, 2017 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail...Show more Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than CVE-2014-3618.Show less
CVE-2014-3618 2Canonical Procmail 2Procmail Ubuntu Linux May 6, 2026 Sep 8, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quot...Show more Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."Show less
CVE-2001-0905 1Procmail 1Procmail Apr 16, 2026 Oct 18, 2001 N/A· v4 N/A· v3 6.2 MEDIUM· v2 Race condition in signal handling of procmail 3.20 and earlier, when running setuid, allows local users to cause a denial of service or gain root privileges by sending a signal while a signal handling routine is already...Show more Race condition in signal handling of procmail 3.20 and earlier, when running setuid, allows local users to cause a denial of service or gain root privileges by sending a signal while a signal handling routine is already running.Show less
CVE-1999-0475 1Procmail 1Procmail Apr 16, 2026 Apr 5, 1999 N/A· v4 N/A· v3 1.2 LOW· v2 A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail.
CVE-1999-0439 2Caldera Procmail 2Openlinux Procmail Apr 16, 2026 Apr 5, 1999 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file.