Vulnerabilities > CVE-2020-28014 - Unspecified vulnerability in Exim

047910
CVSS 5.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
COMPLETE
local
low complexity
exim

Summary

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. The -oP option is available to the exim user, and allows a denial of service because root-owned files can be overwritten.