The SpamAssassin Milter plug-in which plugs in to Milter and calls SpamAssassin, contains a security vulnerability which can be exploited by attackers using a crafted email to inject and execute code on a mail server. The SpamAssassin Milter plug-in is frequently used to run SpamAssassin on Postfix servers.
In order to exploit the vulnerability, the plug-in must be called with the -x expand flag. For attackers to obtain root privileges, as the author of the security advisory proclaims, the plug-in has to be started as root

The link for this article located at H Security is no longer available.