Vulnerability Name:
CVE-2014-2972 (CCN-94758)
Assigned:
2014-07-22
Published:
2014-07-22
Updated:
2016-12-03
Summary:
expand.c in Exim before 4.83 expands mathematical comparisons twice, which allows local users to gain privileges and execute arbitrary commands via a crafted lookup value.
CVSS v3 Severity:
4.0 Medium
(CCN CVSS v3.1 Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
)
Exploitability Metrics:
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
None
Integrity (I):
Low
Availibility (A):
None
CVSS v2 Severity:
4.6 Medium
(CVSS v2 Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
)
3.4 Low
(Temporal CVSS v2 Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C
)
Exploitability Metrics:
Access Vector (AV):
Local
Access Complexity (AC):
Low
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
Partial
Availibility (A):
Partial
2.1 Low
(CCN CVSS v2 Vector:
AV:L/AC:L/Au:N/C:N/I:P/A:N
)
1.6 Low
(CCN Temporal CVSS v2 Vector:
AV:L/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C
)
Exploitability Metrics:
Access Vector (AV):
Local
Access Complexity (AC):
Low
Athentication (Au):
None
Impact Metrics:
Confidentiality (C):
None
Integrity (I):
Partial
Availibility (A):
None
Vulnerability Type:
CWE-189
Vulnerability Consequences:
Other
References:
Source: MITRE
Type: CNA
CVE-2014-2972
Source: CONFIRM
Type: UNKNOWN
http://git.exim.org/exim.git/commitdiff/7685ce68148a083d7759e78d01aa5198fc099c44
Source: FEDORA
Type: UNKNOWN
FEDORA-2014-8803
Source: FEDORA
Type: UNKNOWN
FEDORA-2014-8865
Source: CCN
Type: oss-security Mailing List, Tue, 22 Jul 2014 11:44:44 -0400
Exim: 4.83 Released, CVE-2014-2972 fix
Source: CCN
Type: Exim Web site
Exim
Source: CCN
Type: BID-68857
Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
Source: UBUNTU
Type: UNKNOWN
USN-2933-1
Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=1122552
Source: XF
Type: UNKNOWN
exim-cve2012972-weak-security(94758)
Source: MLIST
Type: Patch, Vendor Advisory
[exim] 20140722 [exim] Exim 4.83 Released
Source: MLIST
Type: Vendor Advisory
[exim] 20140722 [exim] Exim Security Advisory CVE-2014-2972
Source: GENTOO
Type: UNKNOWN
GLSA-201607-12
Vulnerable Configuration:
Configuration 1
:
cpe:/a:exim:exim:4.00:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.01:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.02:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.03:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.04:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.05:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.10:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.11:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.12:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.14:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.20:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.21:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.22:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.23:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.24:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.30:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.31:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.32:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.33:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.34:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.40:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.41:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.42:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.43:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.44:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.50:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.51:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.52:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.53:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.54:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.60:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.61:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.62:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.63:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.64:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.65:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.66:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.67:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.68:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.69:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.70:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.71:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.72:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.73:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.74:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.75:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.76:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.77:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.80:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.80.1:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:4.82:*:*:*:*:*:*:*
OR
cpe:/a:exim:exim:*:*:*:*:*:*:*:*
(Version <= 4.82.1)
Configuration CCN 1
:
cpe:/a:exim:exim:4.82:*:*:*:*:*:*:*
Denotes that component is vulnerable
Oval Definitions
Definition ID
Class
Title
Last Modified
oval:org.opensuse.security:def:20142972
V
CVE-2014-2972
2022-06-30
oval:org.opensuse.security:def:112206
P
exim-4.86.2-2.2 on GA media (Moderate)
2022-01-17
oval:org.opensuse.security:def:105737
P
exim-4.86.2-2.2 on GA media (Moderate)
2021-10-01
oval:com.ubuntu.precise:def:20142972000
V
CVE-2014-2972 on Ubuntu 12.04 LTS (precise) - low.
2014-09-04
oval:com.ubuntu.trusty:def:20142972000
V
CVE-2014-2972 on Ubuntu 14.04 LTS (trusty) - low.
2014-09-04
BACK
exim
exim 4.00
exim
exim 4.01
exim
exim 4.02
exim
exim 4.03
exim
exim 4.04
exim
exim 4.05
exim
exim 4.10
exim
exim 4.11
exim
exim 4.12
exim
exim 4.14
exim
exim 4.20
exim
exim 4.21
exim
exim 4.22
exim
exim 4.23
exim
exim 4.24
exim
exim 4.30
exim
exim 4.31
exim
exim 4.32
exim
exim 4.33
exim
exim 4.34
exim
exim 4.40
exim
exim 4.41
exim
exim 4.42
exim
exim 4.43
exim
exim 4.44
exim
exim 4.50
exim
exim 4.51
exim
exim 4.52
exim
exim 4.53
exim
exim 4.54
exim
exim 4.60
exim
exim 4.61
exim
exim 4.62
exim
exim 4.63
exim
exim 4.64
exim
exim 4.65
exim
exim 4.66
exim
exim 4.67
exim
exim 4.68
exim
exim 4.69
exim
exim 4.70
exim
exim 4.71
exim
exim 4.72
exim
exim 4.73
exim
exim 4.74
exim
exim 4.75
exim
exim 4.76
exim
exim 4.77
exim
exim 4.80
exim
exim 4.80.1
exim
exim 4.82
exim
exim *
exim
exim 4.82
Denotes that component is vulnerable