Unrated severityNVD Advisory· Published May 6, 2021· Updated Aug 4, 2024
CVE-2020-28013
CVE-2020-28013
Description
Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mishandles "-F '.('" on the command line, and thus may allow privilege escalation from any user to root. This occurs because of the interpretation of negative sizes in strncpy.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8- Exim/Eximdescription
- osv-coords6 versionspkg:rpm/opensuse/exim&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/exim&distro=openSUSE%20Tumbleweedpkg:rpm/suse/exim&distro=SUSE%20Package%20Hub%2015%20SP1pkg:rpm/suse/exim&distro=SUSE%20Package%20Hub%2015%20SP2pkg:rpm/suse/libspf2&distro=SUSE%20Package%20Hub%2015%20SP1pkg:rpm/suse/libspf2&distro=SUSE%20Package%20Hub%2015%20SP2
< 4.94.2-lp152.8.3.1+ 5 more
- (no CPE)range: < 4.94.2-lp152.8.3.1
- (no CPE)range: < 4.94.2-4.2
- (no CPE)range: < 4.94.2-bp151.2.4.1
- (no CPE)range: < 4.94.2-bp152.6.4.1
- (no CPE)range: < 1.2.10-bp151.4.1
- (no CPE)range: < 1.2.10-bp152.5.1
Patches
Vulnerability mechanics
References
1- www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28013-PFPSN.txtmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.