Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Exim | University_of_cambridge | * | 4.40 (including) |
Exim | University_of_cambridge | 4.41 (including) | 4.41 (including) |
Exim | University_of_cambridge | 4.42 (including) | 4.42 (including) |