CVE-2020-28020 Information
Share on:
Jun 06, 2022
cve
Description
Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow in which an unauthenticated remote attacker can execute arbitrary code by leveraging the mishandling of continuation lines during header-length restriction.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Reference
https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28020-HSIZE.txt http://www.openwall.com/lists/oss-security/2021/07/25/1 http://www.openwall.com/lists/oss-security/2021/08/03/1
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
9.8