Total vulnerabilities in the database
Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
| Software | From | Fixed in |
|---|---|---|
| exim / exim | - | 4.70 |
| opensuse / opensuse | 11.1 | 11.1.x |
| opensuse / opensuse | 11.2 | 11.2.x |
| opensuse / opensuse | 11.3 | 11.3.x |
| debian / debian_linux | 5.0 | 5.0.x |
| canonical / ubuntu_linux | 9.10 | 9.10.x |
| canonical / ubuntu_linux | 8.04 | 8.04.x |
| canonical / ubuntu_linux | 6.06 | 6.06.x |