CVE-1999-0439

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published: Apr 5, 1999
Updated: Nov 20, 2024

Summary

CVE-1999-0439 is a buffer overflow vulnerability affecting procmail before version 3.12. It allows local or remote attackers to execute arbitrary commands through expansions in the procmailrc configuration file. The vulnerability arises from insufficient bounds checking in the handling of these expansions, which lets data be written past the end of a buffer in memory. Successful exploitation could result in the execution of malicious code and compromise of the system. Affected users should upgrade to procmail 3.12 or later to mitigate this risk.
