Exim 4 Heap-based Buffer Overflow Vulnerability

CVE-2020-28013 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mishandles "-F '.('" on the command line, and thus may allow privilege escalation from any user to root. This occurs because of the interpretation of negative sizes in strncpy.
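
The bug class named in the description, a negative size reaching `strncpy`, comes down to a signed length being converted to `size_t`. The following is an added example, not Exim's code and not a reproduction of its code path; `as_strncpy_count` and `copy_checked` are hypothetical names, and the input is constructed. It shows the conversion and a copy helper that rejects the negative length before any conversion happens.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* The count strncpy() actually sees when a signed length reaches it
   unchecked: the value converted to size_t. */
size_t as_strncpy_count(ptrdiff_t len)
{
    return (size_t)len;
}

/* Hypothetical guarded copy: copies at most len bytes of src into dst
   (capacity dstcap) and always NUL-terminates. Returns 0 on success,
   -1 if the request is rejected; dst is left untouched on rejection. */
int copy_checked(char *dst, size_t dstcap, const char *src, ptrdiff_t len)
{
    if (dst == NULL || src == NULL || dstcap == 0)
        return -1;
    if (len < 0)                      /* reject before any conversion */
        return -1;
    if ((size_t)len >= dstcap)        /* no room for the terminator */
        return -1;

    size_t n = 0;
    while (n < (size_t)len && src[n] != '\0') {
        dst[n] = src[n];
        n++;
    }
    dst[n] = '\0';
    return 0;
}

int main(void)
{
    /* Constructed input: a length derived from two pointers where the
       end pointer has fallen behind the start pointer. */
    const char *s = "ab";
    ptrdiff_t len = (s + 1) - (s + 2);          /* -1 */
    char buf[8] = "keep";

    printf("signed length      : %td\n", len);
    printf("as strncpy count   : %zu\n", as_strncpy_count(len));
    printf("copy_checked result: %d (buf still \"%s\")\n",
           copy_checked(buf, sizeof buf, s, len), buf);
    return 0;
}
```

A length of -1 becomes `SIZE_MAX` as a `strncpy` count, which is why the sign check has to come before the comparison against the destination capacity.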
