Prior versions of Exim 4 have Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character. Prior versions of Exim 4 allowed Integer Overflow to Buffer Overflow in receive_add_recipient via an e-mail message with fifty million recipients. NOTE: remote exploitation may be difficult because of resource consumption. Prior versions of Exim 4 allowed Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL. Prior versions of Exim 4 have Improper Neutralization of Line Delimiters. An authenticated remote SMTP client can insert newline characters into a spool file via AUTH= in a MAIL FROM command