Double Expansion Vulnerability in Exim before 4.83 Allows Privilege Escalation and Command Execution

Double Expansion Vulnerability in Exim before 4.83 Allows Privilege Escalation and Command Execution

CVE-2014-2972 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

expand.c in Exim before 4.83 expands mathematical comparisons twice, which allows local users to gain privileges and execute arbitrary commands via a crafted lookup value.

Learn more about our User Device Pen Test.