Exim IP Address Command Line Argument Local Buffer Overflow Vulnerability

A local buffer overflow vulnerability triggered by an excessively long command line argument affects Exim. This issue is due to a failure of the application to validate the length of user-supplied data prior to attempting to store it in process buffers.

An attacker may leverage this issue to execute arbitrary code with the privileges of the affected mailer application. As the application is a setuid application, it is possible that further privilege escalation may occur.


Privacy Statement
Copyright 2010, SecurityFocus