CVE-2014-3618

EPSS 9.8%

procmail - security update

Published: 9/8/2014Modified: 4/28/2026

Description

Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."

Affected packages (3)

Debian/procmailfrom 0, < 3.22-22
Debian/procmailfrom 0, < 3.22-19+deb6u1
Debian/procmailfrom 0, < 3.22-20+deb7u1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-3618