University Of Cambridge Exim — known CVE vulnerabilities
Every CVE whose affected-product data names University Of Cambridge Exim, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2003-0743 — CVSS 7.5 (high): Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute…
CVE-2004-0399 — CVSS 7.5 (high): Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to…
CVE-2001-0889 — CVSS 7.5 (high): Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a…
CVE-2004-0400 — CVSS 7.5 (high): Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a…
CVE-2001-0690 — CVSS 7.5 (high): Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote…
CVE-1999-0971 — CVSS 7.2 (high): Buffer overflow in Exim allows local users to gain root privileges via a long :include: option in a .forward file.
CVE-2002-1381 — CVSS 7.2 (high): Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute…
CVE-2005-0021 — CVSS 7.2 (high): Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8…
CVE-2005-0022 — CVSS 4.6 (medium): Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the…
CVE-2002-0274 — CVSS 4.6 (medium): Exim 3.34 and earlier may allow local users to gain privileges via a buffer overflow in long -C (configuration file) and other command line…