CVE-2010-4344
critical-risk
Published 2010-12-14
Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
Do I need to act?
!
61.5% chance of exploitation in next 30 days
EPSS score — higher than 39% of all CVEs
!
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10
Critical
NETWORK
/ LOW complexity
Affected Products (8)
References (67)
Issue Tracking
http://bugs.exim.org/show_bug.cgi?id=787
Mailing List
http://openwall.com/lists/oss-security/2010/12/10/1
Broken Link
http://secunia.com/advisories/40019
Broken Link
http://secunia.com/advisories/42576
Broken Link
http://secunia.com/advisories/42586
Broken Link
http://secunia.com/advisories/42587
Broken Link
http://secunia.com/advisories/42589
Mailing List
http://www.debian.org/security/2010/dsa-2131
Third Party Advisory
http://www.kb.cert.org/vuls/id/682457
Third Party Advisory
http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format
Broken Link
http://www.osvdb.org/69685
and 47 more references
79
/ 100
critical-risk
Severity
32/34 · Critical
Exploitability
33/34 · Critical
Exposure
14/34 · Moderate