CVE-2004-0399
exim-tls - buffer overflow
EPSS 42.1%
Description
Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
How to fix CVE-2004-0399
To remediate CVE-2004-0399, upgrade the affected package to a fixed version below.
- Debian/exim: upgrade to 3.35-1woody3 or later
- Debian/exim4: upgrade to 4.33-1 or later
- Debian/exim-tls: upgrade to 3.35-3woody2 or later
Is CVE-2004-0399 being exploited?
Moderate — EPSS is 42.1%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (3)
- Debian/exim: from 0, < 3.35-1woody3
- Debian/exim4: from 0, < 4.33-1
- Debian/exim-tls: from 0, < 3.35-3woody2