Vulnerabilities > University OF Cambridge > Exim
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0022 | Remote Buffer Overflow vulnerability in University of Cambridge Exim 4.41/4.42 Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication. | 4.6 |
| 2005-05-02 | CVE-2005-0021 | Unspecified vulnerability in University of Cambridge Exim 4.41/4.42 Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function. | 7.2 |
| 2004-07-07 | CVE-2004-0400 | Unspecified vulnerability in University of Cambridge Exim Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check. | 7.5 |
| 2004-07-07 | CVE-2004-0399 | Unspecified vulnerability in University of Cambridge Exim 3.35 Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification. | 7.5 |
| 2003-10-20 | CVE-2003-0743 | Unspecified vulnerability in University of Cambridge Exim Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer. | 7.5 |
| 2002-12-23 | CVE-2002-1381 | Unspecified vulnerability in University of Cambridge Exim 3.35/3.36/4.10 Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value. | 7.2 |
| 2002-05-31 | CVE-2002-0274 | Buffer Overflow vulnerability in Exim Configuration File Argument Command Line Exim 3.34 and earlier may allow local users to gain privileges via a buffer overflow in long -C (configuration file) and other command line arguments. | 4.6 |
| 2001-12-19 | CVE-2001-0889 | Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters. | 7.5 |
| 2001-09-20 | CVE-2001-0690 | Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers. | 7.5 |
| 1997-07-22 | CVE-1999-0971 | Unspecified vulnerability in University of Cambridge Exim Buffer overflow in Exim allows local users to gain root privileges via a long :include: option in a .forward file. | 7.2 |