Multiple buffer overflows in Exim prior to 4.43 may allow malicious users to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
university of cambridge exim |
||
university of cambridge exim 4.41 |
||
university of cambridge exim 4.42 |