Buffer Overflow in Exim's spa_base64_to_bits Function Allows Arbitrary Code Execution

Buffer Overflow in Exim's spa_base64_to_bits Function Allows Arbitrary Code Execution

CVE-2005-0022 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.

Learn more about our Web Application Penetration Testing UK.