Debian Exim4 vulnerabilities
62 known vulnerabilities affecting debian/exim4.
Total CVEs: 62
CISA KEV: 5 (actively exploited)
Public exploits: 10
Exploited in wild: 7
Severity breakdown: CRITICAL 16, HIGH 26, MEDIUM 11, LOW 9
Vulnerabilities
Page 4 of 4
CVE-2017-1000369 | P4 | MEDIUM | CVSS 4.0 | fixed in exim4 4.89-3 (bookworm) | 2017
CVE-2017-1000369 [MEDIUM]: exim4
Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has released a patch (commit 65e061b76867a9ea7aeeb535341b790b90ae6c21), but it is not
CVE-2010-2023 | P4 | LOW | CVSS 4.4 | fixed in exim4 4.72-1 (bookworm) | 2010
CVE-2010-2023 [MEDIUM]: exim4
transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
Scope: local
bookworm: resolved (fixed in 4.72-1)
bullseye: resolved (fixed in 4.72-1