Medium
Exim is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the string_vformat function in string.c. By sending an overly long EHLO string, a remote attacker could overflow a buffer and execute arbitrary code on the system.
Unauthorized Access
Exim
Upgrade to the latest version of Exim (4.92.3 or later)
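
A check for the remediation above, as an added example that is not part of the original advisory: it parses the first line of `exim -bV` output and compares the reported version with 4.92.3. The function names and the sample banners are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify an Exim version banner against 4.92.3, the release
# the advisory says to upgrade to. Function names are hypothetical.
FIXED_VERSION="4.92.3"

# Pull the dotted version out of the first banner line, e.g.
# "Exim version 4.92.2 #3 built 02-Sep-2019 10:11:12" -> "4.92.2".
# Suffixes such as "-RC1" are ignored.
exim_banner_version() {
    printf '%s\n' "$1" | sed -n '1s/^Exim version \([0-9][0-9.]*\).*/\1/p'
}

# Succeed if version $1 >= version $2. Fields are compared numerically
# (so 4.100 > 4.92) and a missing field counts as 0 (4.92 == 4.92.0).
version_at_least() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        split(a, x, "."); split(b, y, ".")
        for (i = 1; i <= 3; i++) {
            if (x[i] + 0 > y[i] + 0) exit 0
            if (x[i] + 0 < y[i] + 0) exit 1
        }
        exit 0
    }'
}

# Print "fixed", "outdated" or "unknown" for a banner string.
classify_exim_banner() {
    ver=$(exim_banner_version "$1")
    if [ -z "$ver" ]; then
        echo "unknown"
    elif version_at_least "$ver" "$FIXED_VERSION"; then
        echo "fixed"
    else
        echo "outdated"
    fi
}

# Constructed sample banners (not captured from real hosts). On a live
# host, pass "$(exim -bV 2>/dev/null)" instead.
for banner in \
    "Exim version 4.92.2 #3 built 02-Sep-2019 10:11:12" \
    "Exim version 4.92.3 #1 built 30-Sep-2019 09:00:00" \
    "Exim version 4.93 #2 built 10-Dec-2019 08:30:00"; do
    printf '%s -> %s\n' "$banner" "$(classify_exim_banner "$banner")"
done
```

Distribution packages sometimes backport fixes without changing the upstream version number, so confirm an "outdated" result against the vendor's package changelog.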