FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

exim -- a buffer overflow vulnerability, remote code execution

Affected packages
exim < 4.90.1

Details

VuXML ID 316b3c3e-0e98-11e8-8d41-97657151f8c2
Discovery 2018-02-05
Entry 2018-02-10

Exim developers report:

There is a buffer overflow in base64d(), if some pre-conditions are met. Using a handcrafted message, remote code execution seems to be possible.

References

URL https://exim.org/static/doc/security/CVE-2018-6789.txt