[exim-dev] [Bug 2848] New: Integer overflow in receive_add_…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: admin
Date:  
À: exim-dev
Sujet: [exim-dev] [Bug 2848] New: Integer overflow in receive_add_recipient() (CVE-2020-28017)
https://bugs.exim.org/show_bug.cgi?id=2848

            Bug ID: 2848
           Summary: Integer overflow in receive_add_recipient()
                    (CVE-2020-28017)
           Product: Exim
           Version: 4.92
          Hardware: All
                OS: All
            Status: NEW
          Severity: wishlist
          Priority: low
         Component: Mail Receipt
          Assignee: unallocated@???
          Reporter: mehmetgelivin@???
                CC: exim-dev@???
             Group: exim-security


Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in
receive_add_recipient via an e-mail message with fifty million recipients.
NOTE: remote exploitation may be difficult because of resource consumption.

--
You are receiving this mail because:
You are on the CC list for the bug.