Lucene search
K

4 matches found

OSV
OSV
added 2024/09/06 11:9 a.m.3 views

OESA-2024-2105 exim security update

Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...

5.4CVSS7AI score0.41225EPSS
Exploits5References2
SUSE CVE
SUSE CVE
added 2024/07/06 2:58 a.m.3 views

SUSE CVE-2024-39929

Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mimefilename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users...

5.4CVSS7AI score0.41225EPSS
Exploits5References4
AstraLinux
AstraLinux
added 2024/06/26 1:32 p.m.6 views

Astra Linux – Vulnerability in exim4

In versions of Exim up to 4.97.1, misparse processes multi-line RFC 2231 header filenames. As a result, remote attackers can bypass the protection mechanism that blocks $mimefilename extensions, and potentially deliver executable attachments to the mailboxes of end users...

5.4CVSS7AI score0.41225EPSS
Exploits5References3
OSV
OSV
added 2018/01/03 8:29 p.m.2 views

DEBIAN-CVE-2017-1000472

The ZipCommon::isValidPath function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary...

6.5CVSS7AI score0.01681EPSS
Exploits1References1
Rows per page
Query Builder