Описание
Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL.
Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-28018
- https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28018-OCORK.txt
- http://www.openwall.com/lists/oss-security/2021/05/11/14
- http://www.openwall.com/lists/oss-security/2021/05/11/15
- http://www.openwall.com/lists/oss-security/2021/05/11/17
- http://www.openwall.com/lists/oss-security/2021/05/11/5
- http://www.openwall.com/lists/oss-security/2021/05/11/6
- http://www.openwall.com/lists/oss-security/2021/05/12/2
- http://www.openwall.com/lists/oss-security/2021/05/12/3
Связанные уязвимости
Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL.
Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL.
Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain si ...
Уязвимость компонента tls-openssl.c агента пересылки сообщений Exim, связанная с использованием памяти после ее освобождения, позволяющая нарушителю повысить привилегии в системе и выполнить произвольный код
