Search CVE reports
51 – 60 of 62 results
CVE-2011-1764
Medium priorityFormat string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers...
1 affected packages
exim4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| exim4 | — | — | — | — | — |
CVE-2011-0017
Medium priorityThe open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
1 affected packages
exim4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| exim4 | — | — | — | — | — |
CVE-2010-4345
Medium priorityExim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the...
1 affected packages
exim4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| exim4 | — | — | — | — | — |
CVE-2010-4344
High priorityHeap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message...
1 affected packages
exim4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| exim4 | — | — | — | — | — |
CVE-2010-2024
Low prioritySome fixes available 5 of 6
transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a...
1 affected packages
exim4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| exim4 | — | — | — | — | — |
CVE-2010-2023
Low prioritySome fixes available 5 of 6
transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain...
1 affected packages
exim4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| exim4 | — | — | — | — | — |
CVE-2006-2753
Unknown prioritySQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK,...
3 affected packages
exim4, mysql-dfsg, mysql-dfsg-5.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| exim4 | — | — | — | — | — |
| mysql-dfsg | — | — | — | — | — |
| mysql-dfsg-5.0 | — | — | — | — | — |
CVE-2006-2314
Unknown prioritySome fixes available 21 of 24
PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications that use multibyte...
14 affected packages
amarok, dovecot, exim4, libapache2-mod-auth-pgsql, php5...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| amarok | — | — | — | — | — |
| dovecot | — | — | — | — | — |
| exim4 | — | — | — | — | — |
| libapache2-mod-auth-pgsql | — | — | — | — | — |
| php5 | — | — | — | — | — |
| postfix | — | — | — | — | — |
| postgresql | — | — | — | — | — |
| postgresql-7.4 | — | — | — | — | — |
| postgresql-8.1 | — | — | — | — | — |
| postgresql-8.2 | — | — | — | — | — |
| psycopg | — | — | — | — | — |
| psycopg2 | — | — | — | — | — |
| pygresql | — | — | — | — | — |
| python-pgsql | — | — | — | — | — |
CVE-2005-0022
Unknown priorityBuffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
1 affected packages
exim4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| exim4 | — | — | — | — | — |
CVE-2005-0021
Unknown priorityMultiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the...
2 affected packages
exim, exim4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| exim | — | — | — | — | — |
| exim4 | — | — | — | — | — |