CVE-2014-2972

expand.c in Exim before 4.83 expands mathematical comparisons twice, which allows local users to gain privileges and execute arbitrary commands via a crafted lookup value.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 38%
Affected Products (NVD)
VendorProductVersion
eximexim
𝑥
≤ 4.82.1
eximexim
4.00
eximexim
4.01
eximexim
4.02
eximexim
4.03
eximexim
4.04
eximexim
4.05
eximexim
4.10
eximexim
4.11
eximexim
4.12
eximexim
4.14
eximexim
4.20
eximexim
4.21
eximexim
4.22
eximexim
4.23
eximexim
4.24
eximexim
4.30
eximexim
4.31
eximexim
4.32
eximexim
4.33
eximexim
4.34
eximexim
4.40
eximexim
4.41
eximexim
4.42
eximexim
4.43
eximexim
4.44
eximexim
4.50
eximexim
4.51
eximexim
4.52
eximexim
4.53
eximexim
4.54
eximexim
4.60
eximexim
4.61
eximexim
4.62
eximexim
4.63
eximexim
4.64
eximexim
4.65
eximexim
4.66
eximexim
4.67
eximexim
4.68
eximexim
4.69
eximexim
4.70
eximexim
4.71
eximexim
4.72
eximexim
4.73
eximexim
4.74
eximexim
4.75
eximexim
4.76
eximexim
4.77
eximexim
4.80
eximexim
4.80.1
eximexim
4.82
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
exim4
bookworm
4.96-15+deb12u5
fixed
bookworm (security)
4.96-15+deb12u5
fixed
bullseye
4.94.2-7+deb11u3
fixed
bullseye (security)
4.94.2-7+deb11u4
fixed
sid
4.98-2
fixed
squeeze
no-dsa
trixie
4.98-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
exim4
lucid
ignored
precise
Fixed 4.76-3ubuntu3.3
released
trusty
Fixed 4.82-3ubuntu2.1
released
utopic
not-affected
vivid
not-affected
wily
not-affected
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
exim
Amazon Linux 1
0:4.72-6.6.amzn1
fixed
exim-debuginfo
Amazon Linux 1
0:4.72-6.6.amzn1
fixed
exim-greylist
Amazon Linux 1
0:4.72-6.6.amzn1
fixed
exim-mon
Amazon Linux 1
0:4.72-6.6.amzn1
fixed
exim-mysql
Amazon Linux 1
0:4.72-6.6.amzn1
fixed
exim-pgsql
Amazon Linux 1
0:4.72-6.6.amzn1
fixed
Common Weakness Enumeration