CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
29.6%
It was discovered that Exim incorrectly handled certain challenge requests.
A remote attacker could possibly use this issue to perform out-of-bounds
reads, resulting in information leakage. (CVE-2023-42114)
It was discovered that Exim incorrectly handled validation of user-supplied
data. A remote attacker could possibly use this issue to perform
out-of-bounds writes, resulting in arbitrary code execution. This issue
only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04.
(CVE-2023-42115)
It was discovered that Exim incorrectly handled certain challenge requests.
A remote attacker could possibly use this issue to perform out-of-bounds
writes, resulting in arbitrary code execution. (CVE-2023-42116)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 23.04 | noarch | exim4 | < 4.96-14ubuntu1.2 | UNKNOWN |
Ubuntu | 23.04 | noarch | exim4-base | < 4.96-14ubuntu1.2 | UNKNOWN |
Ubuntu | 23.04 | noarch | exim4-base-dbgsym | < 4.96-14ubuntu1.2 | UNKNOWN |
Ubuntu | 23.04 | noarch | exim4-config | < 4.96-14ubuntu1.2 | UNKNOWN |
Ubuntu | 23.04 | noarch | exim4-daemon-heavy | < 4.96-14ubuntu1.2 | UNKNOWN |
Ubuntu | 23.04 | noarch | exim4-daemon-heavy-dbgsym | < 4.96-14ubuntu1.2 | UNKNOWN |
Ubuntu | 23.04 | noarch | exim4-daemon-light | < 4.96-14ubuntu1.2 | UNKNOWN |
Ubuntu | 23.04 | noarch | exim4-daemon-light-dbgsym | < 4.96-14ubuntu1.2 | UNKNOWN |
Ubuntu | 23.04 | noarch | exim4-dev | < 4.96-14ubuntu1.2 | UNKNOWN |
Ubuntu | 23.04 | noarch | eximon4 | < 4.96-14ubuntu1.2 | UNKNOWN |