Описание
Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.
Ссылки
- PatchThird Party Advisory
- PatchRelease NotesThird Party Advisory
- Release NotesThird Party Advisory
- ExploitPatchThird Party Advisory
- Mailing ListThird Party Advisory
- Vendor Advisory
- Mailing ListThird Party Advisory
- PatchThird Party Advisory
- PatchRelease NotesThird Party Advisory
- Release NotesThird Party Advisory
- ExploitPatchThird Party Advisory
- Mailing ListThird Party Advisory
- Vendor Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.95 (исключая)
cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04696
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-787
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 3 лет назад
Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.
CVSS3: 9.8
debian
больше 3 лет назад
Exim before 4.95 has a heap-based buffer overflow for the alias list i ...
CVSS3: 9.8
github
больше 3 лет назад
Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.
CVSS3: 9.8
fstec
больше 3 лет назад
Уязвимость функции host_name_lookup (host.c) почтового сервера Exim, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
EPSS
Процентиль: 89%
0.04696
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-787