Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2003-09-06T04:00:00
Updated: 2016-10-17T13:57:01
Reserved: 2003-09-04T00:00:00
Link: CVE-2003-0743
JSON object: View
NVD Information
Status : Modified
Published: 2003-10-20T04:00:00.000
Modified: 2016-10-18T02:37:07.410
Link: CVE-2003-0743
JSON object: View
Redhat Information
No data.
CWE