Описание
Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters.
Ссылки
- US Government Resource
- PatchVendor Advisory
- US Government Resource
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.22 (включая)
cpe:2.3:a:university_of_cambridge:exim:*:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*
EPSS
Процентиль: 76%
0.01007
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
redhat
больше 23 лет назад
Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters.
github
около 3 лет назад
Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters.
EPSS
Процентиль: 76%
0.01007
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other