Mailscanner Mailscanner : Security vulnerabilities, CVEs published in 2019

Copy

CVE-2010-3293

mailscanner can allow local users to prevent virus signatures from being updated

Max CVSS

5.5

EPSS Score

0.04%

Published

2019-10-28

Updated

2019-10-30

CVE-2010-3292

The update{_bad,}_phishing_sites scripts in mailscanner 4.79.11-2 downloads files and trusts them without using encryption (e.g., https) or digital signature checking which could allow an attacker to replace certain configuration files (e.g., phishing whitelist) via dns/packet spoofing.

Max CVSS

5.5

EPSS Score

0.04%

Published

2019-11-12

Updated

2019-11-15

CVE-2010-3095

mailscanner before 4.79.11-2.1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files. NOTE: this issue exists because of an incomplete fix for CVE-2008-5313.

Max CVSS

4.7

EPSS Score

0.04%

Published

2019-11-12

Updated

2019-11-15

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!