CVE-2003-0743 in Eximinfo

Summary

Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

09/04/2003

Disclosure

10/20/2003

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-119 (Confirmed)

CVSS

7.3

EPSS

0.07018

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2003-0743
NVD	https://nvd.nist.gov/vuln/detail/CVE-2003-0743
CVE Details	https://www.cvedetails.com/cve/CVE-2003-0743/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!