vulnerability

Exim: Handcrafted message can cause a buffer overflow (CVE-2018-6789)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:P/I:P/A:P)	Feb 8, 2018	Jun 7, 2019	May 3, 2022

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

Feb 8, 2018

Added

Jun 7, 2019

Modified

May 3, 2022

Description

An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.

Solution

exim-upgrade-4_90_1

References

BID-103049
CVE-2018-6789
https://attackerkb.com/topics/CVE-2018-6789
DEBIAN-DSA-4110

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report