Upstream information
Description
Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
SUSE Bugzilla entry: 1227423 [NEW]SUSE Security Advisories:
- openSUSE-SU-2024:0218-1, published Thu Jul 25 16:49:50 2024
List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
SUSE Package Hub 15 SP5 |
| Patchnames: openSUSE-2024-218 |
openSUSE Leap 15.5 |
| Patchnames: openSUSE-2024-218 |
openSUSE Tumbleweed |
| Patchnames: openSUSE-Tumbleweed-2024-14196 |
SUSE Timeline for this CVE
CVE page created: Thu Jul 4 18:00:17 2024CVE page last modified: Wed Nov 27 12:22:08 2024