[exim-dev] [Bug 2848] New: Integer overflow in receive_add_recipient() (CVE-2020-28017)

admin--- via Exim-dev Mon, 20 Dec 2021 07:30:45 -0800

https://bugs.exim.org/show_bug.cgi?id=2848


            Bug ID: 2848
           Summary: Integer overflow in receive_add_recipient()
                    (CVE-2020-28017)
           Product: Exim
           Version: 4.92
          Hardware: All
                OS: All
            Status: NEW
          Severity: wishlist
          Priority: low
         Component: Mail Receipt
          Assignee: [email protected]
          Reporter: [email protected]
                CC: [email protected]
             Group: exim-security

Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in
receive_add_recipient via an e-mail message with fifty million recipients. 
NOTE: remote exploitation may be difficult because of resource consumption.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim 
details at http://www.exim.org/ ##

[exim-dev] [Bug 2848] New: Integer overflow in receive_add_recipient() (CVE-2020-28017)

Reply via email to