
Philip Hazel

#38506 of 53,633
7.2 Total CVSS
Vulnerabilities · 1
PT-2005-1154
7.2
2005-01-06
Exim · Exim · CVE-2005-0021
**Name of the Vulnerable Software and Affected Versions**

Exim versions prior to 4.43

**Description**

The issue is related to multiple buffer overflows that may allow attackers to execute arbitrary code. This can be triggered via an IPv6 address with more than 8 components using the `-be` command line option, which causes an overflow in the `host_aton` function. Another trigger is through the `-bh` command line option or dnsdb PTR lookup, leading to an overflow in the `dns_build_reverse` function.

**Recommendations**

For versions prior to 4.43, update to version 4.43 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `-be` and `-bh` command line options until a patch is applied. Additionally, restrict dnsdb PTR lookup to minimize the risk of exploitation.