University Of Cambridge: >> Exim >> 4.42 Security Vulnerabilities
Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
CVSS Score
7.2
EPSS Score
0.028
Published
2005-05-02
Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
CVSS Score
4.6
EPSS Score
0.018
Published
2005-05-02