The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Exim

2 Exim: buffer overflow in string_vformat
An attacker can trigger a buffer overflow in string_vformat() in Exim, in order to trigger a denial of service, and possibly to run code...
2449, CERTFR-2019-AVI-474, CVE-2019-16928, DSA-4536-1, USN-4141-1, VIGILANCE-VUL-30470
3 Exim: buffer overflow
An attacker can trigger a buffer overflow in Exim, in order to cause a denial of service, and possibly to run code...
CERTFR-2018-ALE-004, CVE-2018-6789, DLA-1274-1, DSA-4110-1, FEDORA-2018-25a7ba3cb6, FEDORA-2018-5aec14e125, openSUSE-SU-2018:0468-1, USN-3565-1, VIGILANCE-VUL-25271
3 Exim: denial of service via ESMTP CHUNKING
An attacker can trigger a fatal error via ESMTP CHUNKING in Exim, in order to cause a denial of service...
2201, CVE-2017-16944, DSA-4053-1, FEDORA-2017-0032baa7d7, FEDORA-2017-0053bb9719, USN-3493-1, USN-3499-1, VIGILANCE-VUL-24537
4 Exim: use after free via ESMTP CHUNKING
An attacker can force the use of a freed memory area via ESMTP CHUNKING in Exim, in order to trigger a denial of service, and possibly to run code...
2199, CERTFR-2017-ALE-017, CVE-2017-16943, DSA-4053-1, FEDORA-2017-0032baa7d7, FEDORA-2017-0053bb9719, openSUSE-SU-2017:3220-1, USN-3493-1, USN-3499-1, VIGILANCE-VUL-24536
2 Exim: memory corruption via Stack Clash
An attacker can trigger memory corruption via Stack Clash in Exim (with the -p option to extend the allocated memory), in order to cause a denial of service, and possibly to run code...
CERTFR-2017-AVI-365, CVE-2017-1000369, DLA-1001-1, DSA-3888-1, FEDORA-2017-f5177f3a16, JSA10824, JSA10826, openSUSE-SU-2017:1625-1, openSUSE-SU-2017:2289-1, USN-3322-1, VIGILANCE-VUL-23007
2 Berkeley DB: privilege escalation via a DB_CONFIG file
An attacker can bypass restrictions via DB_CONFIG in Berkeley DB, in order to escalate privileges...
CVE-2017-10140, DLA-1135-1, DLA-1136-1, DLA-1137-1, FEDORA-2017-014d67fa9d, FEDORA-2017-372bb1edb3, USN-3489-1, USN-3489-2, VIGILANCE-VUL-22972
2 Exim: information disclosure via DKIM Signing Key
An attacker can read Exim logs, in order to obtain the DKIM signature key...
CVE-2016-9963, DLA-762-1, DSA-3747-1, openSUSE-SU-2017:2289-1, USN-3164-1, VIGILANCE-VUL-21401
2 Exim: privilege escalation via perl_startup
A local attacker can use Exim configured with perl_startup, in order to escalate privileges...
CVE-2016-1531, DSA-3517-1, FEDORA-2016-0e3ca94d88, FEDORA-2016-e062971917, openSUSE-SU-2016:0721-1, openSUSE-SU-2017:2289-1, USN-2933-1, VIGILANCE-VUL-19083
4 glibc: buffer overflow of gethostbyname, GHOST
An attacker can, for example, send an email using a long IPv4 address to force the messaging server to resolve this address and trigger a buffer overflow in gethostbyname() of glibc, in order to cause a denial of service, and possibly to execute code. Several programs using the gethostbyname() function are vulnerable to a similar attack vector...
198850, 199399, c04577814, c04589512, CERTFR-2015-AVI-043, cisco-sa-20150128-ghost, cpujul2015, cpujul2017, cpuoct2016, cpuoct2017, cpuoct2018, CTX200437, CVE-2015-0235, DSA-3142-1, ESA-2015-030, ESA-2015-041, GHOST, HPSBGN03270, HPSBGN03285, JSA10671, K16057, KM01391662, MDVSA-2015:039, openSUSE-SU-2015:0162-1, openSUSE-SU-2015:0184-1, PAN-SA-2015-0002, RHSA-2015:0090-01, RHSA-2015:0092-01, RHSA-2015:0099-01, RHSA-2015:0101-01, RHSA-2015:0126-01, SB10100, sk104443, SOL16057, SSA:2015-028-01, SSA-994726, SUSE-SU-2015:0158-1, USN-2485-1, VIGILANCE-VUL-16060, VU#967332
2 Exim: code execution via Double Expansion
A local attacker can edit a configuration file they have access to, in order to execute code with Exim privileges...
CVE-2014-2972, FEDORA-2014-8803, FEDORA-2014-8865, openSUSE-SU-2014:0983-1, openSUSE-SU-2014:0986-1, USN-2933-1, VIGILANCE-VUL-15086