Severity Critical
Remote Yes
Type Arbitrary code execution
A heap-based buffer overflow flaw was found in the loadbuf function in formisc.c in the formail utility in procmail <= 3.22 because of a hardcoded realloc size. When the buffer is too small, the function tries to resize it, but only by Bsize (=128) bytes which is not necessarily enough. A remote attacker could send a specially crafted email that, when processed by formail, could cause formail to crash or, possibly, execute arbitrary code as the user running formail.
Group Package Affected Fixed Severity Status Ticket
AVG-515 procmail 3.22-7 3.22-9 Critical Fixed
Date Advisory Group Package Severity Description
30 Nov 2017 ASA-201711-39 AVG-515 procmail Critical arbitrary code execution