National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:exim:exim:3.12
There are 12 matching records.
Vuln ID Summary CVSS Severity
CVE-2018-6789

An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.

Published: February 08, 2018; 06:29:01 PM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2017-1000369

Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has released a patch (commit 65e061b76867a9ea7aeeb535341b790b90ae6c21), but it is not known if a new point release is available that addresses this issue at this time.

Published: June 19, 2017; 12:29:00 PM -04:00
V3: 4.0 MEDIUM
V2: 2.1 LOW
CVE-2016-9963

Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages.

Published: February 01, 2017; 10:59:00 AM -05:00
V3: 5.9 MEDIUM
V2: 2.6 LOW
CVE-2016-1531

Exim before 4.86.2, when installed setuid root, allows local users to gain privileges via the perl_startup argument.

Published: April 07, 2016; 07:59:04 PM -04:00
V3: 7.0 HIGH
V2: 6.9 MEDIUM
CVE-2014-2972

expand.c in Exim before 4.83 expands mathematical comparisons twice, which allows local users to gain privileges and execute arbitrary commands via a crafted lookup value.

Published: September 04, 2014; 01:55:05 PM -04:00
V2: 4.6 MEDIUM
CVE-2014-2957

The dmarc_process function in dmarc.c in Exim before 4.82.1, when EXPERIMENTAL_DMARC is enabled, allows remote attackers to execute arbitrary code via the From header in an email, which is passed to the expand_string function.

Published: September 04, 2014; 01:55:05 PM -04:00
V2: 6.8 MEDIUM
CVE-2011-1764

Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.

Published: October 04, 2011; 10:56:24 PM -04:00
V2: 7.5 HIGH
CVE-2011-0017

The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.

Published: February 01, 2011; 08:00:06 PM -05:00
V2: 6.9 MEDIUM
CVE-2010-4345

Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.

Published: December 14, 2010; 11:00:04 AM -05:00
V2: 6.9 MEDIUM
CVE-2010-4344

Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.

Published: December 14, 2010; 11:00:04 AM -05:00
V2: 9.3 HIGH
CVE-2010-2024

transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.

Published: June 07, 2010; 01:12:48 PM -04:00
V2: 4.4 MEDIUM
CVE-2010-2023

transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.

Published: June 07, 2010; 01:12:48 PM -04:00
V2: 4.4 MEDIUM