CVE-2005-0022
EPSS 1.5%
Description
Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
How to fix CVE-2005-0022
To remediate CVE-2005-0022, upgrade the affected package to a fixed version listed below.
- Debian/exim4: upgrade to 4.34-10 or later
Is CVE-2005-0022 being exploited?
Low — EPSS is 1.5%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 4.34-10