Exim < 4.70 string_format Function Remote Overflow

High

Synopsis

The remote mail server is vulnerable to a command execution attack.

Description

The remote host is running Exim, a message transfer agent.

Versions of Exim earlier than 4.70 are potentially affected by a heap overflow vulnerability. By sending a specially crafted message to the server, a remote attacker can leverage this vulnerability to execute arbitrary code on the server subject to the privileges of the user running the affected application.

Solution

Upgrade to Exim 4.70 or later.