□ Overview
o Jiransecurity released a security update to address a stack-based buffer overflow vulnerability in Spamsniper.
Vulnerability Type | Impact | Severity | CVSS | CVE ID
Buffer overflow | Code execution | High | 8.1 | CVE-2020-7845
□ Description
o Spamsniper contains a stack-based buffer overflow vulnerability caused by improper boundary checks when parsing the MAIL FROM command. A remote attacker can exploit it to execute arbitrary code via a crafted packet.
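The boundary check this class of bug lacks, shown as an added example; it is not Jiransecurity's code and says nothing about Spamsniper's internals. The function name, return codes and buffer sizes are assumptions made for illustration; the 256-octet path limit is the one given in RFC 5321.

```c
#include <stddef.h>
#include <string.h>
#include <strings.h>

#define MAX_PATH_LEN 256  /* RFC 5321 section 4.5.3.1.3: maximum path length */

/* Return codes (hypothetical names for this example). */
enum { MF_OK = 0, MF_SYNTAX = -1, MF_TOO_LONG = -2 };

/*
 * Parse "MAIL FROM:<reverse-path>[ params]" from a line of known length and
 * copy the reverse-path into out (capacity out_cap, including the NUL).
 * The path length is validated before the copy, so an oversized path is
 * rejected instead of being written past the end of the destination buffer.
 */
int parse_mail_from(const char *line, size_t line_len, char *out, size_t out_cap)
{
    static const char prefix[] = "MAIL FROM:";
    const size_t plen = sizeof(prefix) - 1;

    if (line == NULL || out == NULL || out_cap == 0)
        return MF_SYNTAX;
    out[0] = '\0';

    /* Need at least the prefix plus "<>" (the null reverse-path is valid). */
    if (line_len < plen + 2 || strncasecmp(line, prefix, plen) != 0)
        return MF_SYNTAX;
    if (line[plen] != '<')
        return MF_SYNTAX;

    /* Search for '>' only inside the bytes actually received. */
    const char *start = line + plen + 1;
    const char *end = memchr(start, '>', line_len - plen - 1);
    if (end == NULL)
        return MF_SYNTAX;

    size_t path_len = (size_t)(end - start);
    if (path_len > MAX_PATH_LEN || path_len >= out_cap)
        return MF_TOO_LONG;             /* reject, never truncate silently */
    if (memchr(start, '\0', path_len) != NULL)
        return MF_SYNTAX;               /* embedded NUL inside the path */

    memcpy(out, start, path_len);
    out[path_len] = '\0';
    return MF_OK;
}
```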
□ Affected Products
Product | Version
Spamsniper | version 5.0.2 ~ 5.7.5
□ Solution
o Update the software to version 5.7.6 or later, or apply the latest patch (revision 5500)
□ Written by: Incident Analysis Division, Vulnerability Analysis Team