In Exim 4.90 and earlier, there is a buffer overflow in an utility function, if some pre-conditions are met. Using a handcrafted message, remote code execution seems to be possible.