Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:exim:exim:4.89:rc5
There are 8 matching records.
Displaying matches 1 through 8.
Vuln ID Summary CVSS Severity
CVE-2020-12783

Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.

Published: May 11, 2020; 10:15:11 AM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2020-8015

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1.

Published: April 02, 2020; 4:15:21 AM -0400
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2019-15846

Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.

Published: September 06, 2019; 7:15:11 AM -0400
V3.0: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2019-13917

Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).

Published: July 25, 2019; 4:15:11 PM -0400
V3.0: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2019-10149

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

Published: June 05, 2019; 10:29:11 AM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2018-6789

An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.

Published: February 08, 2018; 6:29:01 PM -0500
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2017-16944

The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service (infinite loop and stack exhaustion) via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content, related to the bdat_getc function.

Published: November 25, 2017; 12:29:00 PM -0500
V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2017-1000369

Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has released a patch (commit 65e061b76867a9ea7aeeb535341b790b90ae6c21), but it is not known if a new point release is available that addresses this issue at this time.

Published: June 19, 2017; 12:29:00 PM -0400
V3.1: 4.0 MEDIUM
V2.0: 2.1 LOW