Mandriva Linux Security Advisory 2013-064 - In bogofilter before 1.2.3, bogofilter's/bogolexer's base64 could overwrite heap memory in the character set conversion in certain pathological cases of invalid base64 code that decodes to incomplete multibyte characters.
94a47f4c0939f97348b6fd7cf18d03f8d815172bf9bcfd13ec4d5415b166e1d6
Ubuntu Security Notice 1667-1 - Julius Plenz discovered that bogofilter incorrectly handled certain invalid base64 code. By sending a specially crafted email, a remote attacker could exploit this and cause bogofilter to crash, resulting in a denial of service, or possibly execute arbitrary code.
02c9705e1cbd1923e513a5e01cd882df617228cba48ea98cd940faf6f4cd1488
Debian Linux Security Advisory 2585-1 - A heap-based buffer overflow was discovered in bogofilter, a software package for classifying mail messages as spam or non-spam. Crafted mail messages with invalid base64 data could lead to heap corruption and, potentially, arbitrary code execution.
11ee5d7ae1bc9a777eae865fc841f90afb66e75e160f9b9f372f62f6e325e14f