Vulnerabilities > Exim > High

DATE CVE VULNERABILITY TITLE RISK
2021-05-06 CVE-2020-28016 Out-of-bounds Write vulnerability in Exim
Exim 4 before 4.94.2 allows an off-by-two Out-of-bounds Write because "-F ''" is mishandled by parse_fix_phrase.
local
low complexity
exim CWE-787
7.2
2021-05-06 CVE-2020-28018 Use After Free vulnerability in Exim
Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL.
network
low complexity
exim CWE-416
7.5
2021-05-06 CVE-2020-28020 Classic Buffer Overflow vulnerability in Exim
Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitrary code by leveraging the mishandling of continuation lines during header-length restriction.
network
low complexity
exim CWE-120
7.5
2021-05-06 CVE-2020-28022 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Exim
Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer.
network
low complexity
exim CWE-119
7.5
2021-05-06 CVE-2020-28024 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Exim
Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtp_ungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF.
network
low complexity
exim CWE-119
7.5
2020-05-11 CVE-2020-12783 Out-of-bounds Read vulnerability in multiple products
Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.
network
low complexity
exim fedoraproject debian canonical CWE-125
7.5
2020-04-02 CVE-2020-8015 Link Following vulnerability in Exim
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root.
local
low complexity
exim CWE-59
7.2
2017-11-25 CVE-2017-16943 Use After Free vulnerability in multiple products
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands.
network
low complexity
exim debian CWE-416
7.5
2011-10-05 CVE-2011-1764 USE of Externally-Controlled Format String vulnerability in Exim
Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.
network
low complexity
exim CWE-134
7.5
2011-05-16 CVE-2011-1407 Improper Input Validation vulnerability in Exim
The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
network
low complexity
exim CWE-20
7.5