Updated: 2022-05-25 08:33:57.661223
Description:
Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow because get_stdinput allows unbounded reads that are accompanied by unbounded increases in a certain size variable. NOTE: exploitation may be impractical because of the execution time needed to overflow (multiple days).
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | HIGH | 7.2 |
| CVSS Version 3.x | HIGH | 7.8 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated |
|---|---|---|---|---|---|---|---|
| Ubuntu 16.04 ELS | exim | 4.86.2-2 | 7.8 | HIGH | Released | CLSA-2021:1640271821 | 2021-12-23 11:55:06 |