Three of the zero-day vulnerabilities discovered last week by Trend Micro’s Zero Day Initiative (ZDI) have been patched by Exim developers; one of them permits remote code execution by unauthenticated attackers. The specific weakness is present in the smtp service, which by default listens on TCP port 25. The problem is caused by improper user data validation, which can lead to writes that go past the end of a buffer, according to ZDI’s alert.
_x000D_The security flaw (CVE-2023-42115), which was uncovered by an unnamed security researcher, is caused by an Out-of-bounds Write weakness in the SMTP service and can be used by remote, unauthenticated attackers to execute code in the context of the service account.