Home

CVE-2019-13917

Description

Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
19.865

Associated Vulnerability

VulnerabilityOS Platform
Exim is a mail transport agent (USN-4075-1) exim4-daemon-heavy_4.92-4ubuntu1.2_i386.debLinux
Exim is a mail transport agent (USN-4075-1) exim4-daemon-heavy_4.92-4ubuntu1.2_amd64.debLinux
Exim is a mail transport agent (USN-4075-1) exim4-daemon-heavy_4.86.2-2ubuntu2.4_i386.debLinux
Exim is a mail transport agent (USN-4075-1) exim4-daemon-heavy_4.86.2-2ubuntu2.4_amd64.debLinux
Exim is a mail transport agent (USN-4075-1) exim4-daemon-heavy_4.90.1-1ubuntu1.3_i386.debLinux
Exim is a mail transport agent (USN-4075-1) exim4-daemon-heavy_4.90.1-1ubuntu1.3_amd64.debLinux
Exim is a mail transport agent (USN-4075-1) exim4-daemon-light_4.92-4ubuntu1.2_i386.debLinux
Exim is a mail transport agent (USN-4075-1) exim4-daemon-light_4.92-4ubuntu1.2_amd64.debLinux
Exim is a mail transport agent (USN-4075-1) exim4-daemon-light_4.86.2-2ubuntu2.4_i386.debLinux
Exim is a mail transport agent (USN-4075-1) exim4-daemon-light_4.86.2-2ubuntu2.4_amd64.debLinux
Exim is a mail transport agent (USN-4075-1) exim4-daemon-light_4.90.1-1ubuntu1.3_i386.debLinux
Exim is a mail transport agent (USN-4075-1) exim4-daemon-light_4.90.1-1ubuntu1.3_amd64.debLinux
exim4 security update(DSA-4488-1) exim4_4.89-2+deb9u5_all.debLinux
exim4 security update(DSA-4488-1) exim4_4.92-8+deb10u1_all.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234