9.6 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.092 Low
EPSS
Percentile
94.6%
It was discovered that the Exim daemon did not correctly handle format
strings in DKIM headers. An unauthenticated remote attacker could send
specially crafted email to run arbitrary code as the Exim user. The
default compiler options for affected releases reduces the vulnerability
to a denial of service under most conditions.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 11.04 | noarch | exim4-daemon-heavy | < 4.74-1ubuntu1.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | exim4-base | < 4.74-1ubuntu1.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | exim4-daemon-heavy-dbg | < 4.74-1ubuntu1.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | exim4-daemon-light | < 4.74-1ubuntu1.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | exim4-daemon-light-dbg | < 4.74-1ubuntu1.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | exim4-dbg | < 4.74-1ubuntu1.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | exim4-dev | < 4.74-1ubuntu1.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | eximon4 | < 4.74-1ubuntu1.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | exim4-daemon-custom | < 4.74-1ubuntu1.1 | UNKNOWN |
Ubuntu | 10.10 | noarch | exim4-daemon-heavy | < 4.72-1ubuntu1.2 | UNKNOWN |