CVE-2005-1266
spamassassin - mail header parsing error
EPSS 6.0%
Description
Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to cause a denial of service (CPU consumption and slowdown) via a message with a long Content-Type header without any boundaries.
How to fix CVE-2005-1266
To remediate CVE-2005-1266, upgrade the affected package to a fixed version below.
- Debian/spamassassin—upgrade to 3.0.4-1 or later
- Debian/spamassassin—upgrade to 3.0.3-2 or later
- Debian/spamassassin—upgrade to 3.0.3-2 or later
Is CVE-2005-1266 being exploited?
Moderate — EPSS is 6.0%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (3)
- from 0, < 3.0.4-1
- from 0, < 3.0.3-2
- from 0, < 3.0.3-2