Lucene search

PRIOn knowledge basePRION:CVE-2016-9963

HistoryFeb 01, 2017 - 3:59 p.m.

Code injection

2017-02-0115:59:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.6%

Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages.

CPENameOperatorVersion
ubuntu_linuxeq16.10
ubuntu_linuxeq12.04
ubuntu_linuxeq16.04
ubuntu_linuxeq14.04
debian_linuxeq8.0
eximle4.87

Name	Operator	Version
ubuntu_linux	eq	16.10
ubuntu_linux	eq	12.04
ubuntu_linux	eq	16.04
ubuntu_linux	eq	14.04
debian_linux	eq	8.0
exim	le	4.87

References

www.debian.org/security/2016/dsa-3747

www.exim.org/static/doc/CVE-2016-9963.txt

www.securityfocus.com/bid/94947

www.securitytracker.com/id/1037484

www.ubuntu.com/usn/USN-3164-1

bugs.exim.org/show_bug.cgi?id=1996