CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
93.8%
The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
Vendor | Product | Version | CPE |
---|---|---|---|
exim | exim | 4.70 | cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:* |
exim | exim | 4.71 | cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:* |
exim | exim | 4.72 | cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:* |
exim | exim | 4.73 | cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:* |
exim | exim | 4.74 | cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:* |
exim | exim | 4.75 | cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:* |