CVE-2020-12783

Опубликовано: 11 мая 2020

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5

CVSS3: 7.5

Описание

Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.

Релиз	Статус	Примечание
bionic	released	4.90.1-1ubuntu1.5
devel	not-affected	4.94-2ubuntu1
eoan	released	4.92.1-1ubuntu3.1
esm-infra-legacy/trusty	released	4.82-3ubuntu2.4+esm2
esm-infra/bionic	released	4.90.1-1ubuntu1.5
esm-infra/focal	released	4.93-13ubuntu1.1
esm-infra/xenial	released	4.86.2-2ubuntu2.6
focal	released	4.93-13ubuntu1.1
precise/esm	DNE
trusty	ignored	end of standard support

Показывать по

Ссылки на источники

EPSS

Процентиль: 80%

0.01448

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2020-12783

CVSS3: 7.5

redhat

почти 6 лет назад

Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.

CVE-2020-12783

CVSS3: 7.5

nvd

больше 5 лет назад

Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.

CVE-2020-12783

CVSS3: 7.5

debian

больше 5 лет назад

Exim through 4.93 has an out-of-bounds read in the SPA authenticator t ...

GHSA-mqxr-gww5-9jhp

CVSS3: 7.5

github

больше 3 лет назад

Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.

BDU:2020-04091

CVSS3: 5.3

fstec

больше 5 лет назад

Уязвимость компонентов auths/spa.c и auths/auth-spa.c почтового сервера Exim, позволяющая нарушителю получить доступ к конфиденциальным данным

EPSS

Процентиль: 80%

0.01448

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2020-12783

Описание

Пакет exim4

Ссылки на источники

Связанные уязвимости