Exim has an unspecified vulnerability (CNVD-2022-56952)

2022-08-0900:00:00

China National Vulnerability Database

www.cnvd.org.cn

109

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

JSON

Exim is an open source messaging agent (MTA) running on Unix systems that routes, forwards, and delivers mail.A security vulnerability exists in versions of Exim prior to 4.95, which stems from a heap-based buffer overflow in the alias list in host_name_lookup when sender_host_name is set. No detailed vulnerability details are currently available.