7 matches found
Exim Reuse After Release Vulnerability
Exim was developed at Cambridge University as a Message Transfer Agent MTA for Unix systems connected to the Internet. A post-release reuse vulnerability in smtpreset in Exim when providing TLS encryption over OpenSSL can be exploited by an attacker to achieve remote code execution...
CVE-2020-28018
Exim 4 before 4.94.2 allows Use After Free in smtpreset in certain situations that may be common for builds with OpenSSL...
Design/Logic Flaw
Exim 4 before 4.94.2 allows Use After Free in smtpreset in certain situations that may be common for builds with OpenSSL...
CVE-2020-28018
Exim 4 before 4.94.2 is affected by a Use-After-Free in smtp_reset when TLS/OpenSSL is in use, enabling remote code execution via crafted TLS/SMTP sequences. The flaw centers on a freed gstring buffer in tls_write(), which can be referenced after smtp_reset frees pool memory, potentially leaking ...
CVE-2020-28018
Exim 4 before 4.94.2 allows Use After Free in smtpreset in certain situations that may be common for builds with OpenSSL...
CVE-2020-28018
Exim 4 before 4.94.2 allows Use After Free in smtpreset in certain situations that may be common for builds with OpenSSL...
CVE-2020-28018
Exim 4 before 4.94.2 allows Use After Free in smtpreset in certain situations that may be common for builds with OpenSSL...