SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to cause a denial of service via certain malformed messages.
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10413
https://exchange.xforce.ibmcloud.com/vulnerabilities/16938
https://bugzilla.fedora.us/show_bug.cgi?id=2268
http://www.securityfocus.com/bid/10957
http://www.mandriva.com/security/advisories?name=MDKSA-2004:084
http://security.gentoo.org/glsa/glsa-200408-06.xml
http://marc.info/?l=spamassassin-announce&m=109168121628767&w=2