University Of Cambridge » Exim : Security Vulnerabilities, CVEs, (Overflow)
Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
Max CVSS: 4.6 | EPSS Score: 0.16% | Published: 2005-05-02 | Updated: 2017-10-11
Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
Max CVSS: 7.5 | EPSS Score: 3.89% | Published: 2004-07-07 | Updated: 2017-07-11
Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
Max CVSS: 7.5 | EPSS Score: 36.51% | Published: 2004-07-07 | Updated: 2017-07-11
Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
Max CVSS: 7.5 | EPSS Score: 12.90% | Published: 2003-10-20 | Updated: 2016-10-18
Exim 3.34 and earlier may allow local users to gain privileges via a buffer overflow in long -C (configuration file) and other command line arguments.
Max CVSS: 4.6 | EPSS Score: 0.04% | Published: 2002-05-31 | Updated: 2016-10-18
Buffer overflow in Exim allows local users to gain root privileges via a long :include: option in a .forward file.
Max CVSS: 7.2 | EPSS Score: 0.04% | Published: 1997-07-22 | Updated: 2008-09-09
6 vulnerabilities found