The unprivileged user exim is running as could tell the exim daemon to read a different config file and leverage that to escalate privileges to root CVE-2010-4345. A buffer overflow in exim allowed remote attackers to execute arbitrary code CVE-2010-4344. openSUSE 11.3 is not affected by this flaw.