Vulnerabilities > Mailscanner > Mailscanner > 4.79.11.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-12 | CVE-2010-3292 | Missing Encryption of Sensitive Data vulnerability in Mailscanner 4.79.112 The update{_bad,}_phishing_sites scripts in mailscanner 4.79.11-2 downloads files and trusts them without using encryption (e.g., https) or digital signature checking which could allow an attacker to replace certain configuration files (e.g., phishing whitelist) via dns/packet spoofing. | 2.1 |
2019-11-12 | CVE-2010-3095 | Link Following vulnerability in Mailscanner mailscanner before 4.79.11-2.1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files. | 3.3 |