8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
29.0%
exim is vulnerable to Stack-based Overflow. The vulnerability arises from the absence of proper validation of user-supplied data length before copying it into a fixed-length stack-based buffer during the handling of NTLM challenge requests in the SMTP challenge component. This allows an attacker to cause an application crash through malicious code injection.
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
29.0%