| Vulnerability Name: | CVE-2010-4344 (CCN-63960) | ||||||||||||||||||||||||||||||||||||||||
| Assigned: | 2010-12-07 | ||||||||||||||||||||||||||||||||||||||||
| Published: | 2010-12-07 | ||||||||||||||||||||||||||||||||||||||||
| Updated: | 2023-02-13 | ||||||||||||||||||||||||||||||||||||||||
| Summary: | Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging. | ||||||||||||||||||||||||||||||||||||||||
| CVSS v3 Severity: | 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||||||||||||||||||||||||||||||||||
| CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C) 7.7 High (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)
8.3 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)
6.2 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)
| ||||||||||||||||||||||||||||||||||||||||
| Vulnerability Type: | CWE-78 | ||||||||||||||||||||||||||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||||||||||||||||||||||||||
| References: | Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: Patch secalert@redhat.com Source: MITRE Type: CNA CVE-2010-4344 Source: secalert@redhat.com Type: Patch secalert@redhat.com Source: secalert@redhat.com Type: Patch secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: CCN Type: Packet Storm Web site 4.69 string_format Function Heap Buffer Overflow Source: CCN Type: RHSA-2010-0970 Critical: exim security update Source: CCN Type: SA40019 exim Hardlink Handling and MBX Locking Two Weaknesses Source: CCN Type: SA42625 cPanel Exim Multiple Vulnerabilities Source: CCN Type: SECTRACK ID: 1024858 Exim Buffer Overfow in string_format() Lets Remote Users Execute Arbitrary Code Source: CCN Type: cPanel Web Site Exim Remote Memory Corruption Vulnerability Notification (CVE-2010-4344) Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: DEBIAN Type: DSA-2131 exim4 -- arbitrary code execution Source: CCN Type: Exim Web site exim Internet Mailer Source: CCN Type: exim-dev Remote root vulnerability in Exim Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: CCN Type: US-CERT VU#682457 Exim string_format() buffer overflow Source: secalert@redhat.com Type: US Government Resource secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: CCN Type: OSVDB ID: 69685 Exim string_format Function Remote Overflow Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: CCN Type: BID-45308 Exim Crafted Header Remote Code Execution Vulnerability Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: Vendor Advisory secalert@redhat.com Source: secalert@redhat.com Type: Vendor Advisory secalert@redhat.com Source: secalert@redhat.com Type: Vendor Advisory secalert@redhat.com Source: secalert@redhat.com Type: Vendor Advisory secalert@redhat.com Source: secalert@redhat.com Type: Vendor Advisory secalert@redhat.com Source: secalert@redhat.com Type: Vendor Advisory secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: Exploit secalert@redhat.com Source: XF Type: UNKNOWN exim-header-bo(63960) Source: CCN Type: NMAP Web site File smtp-vuln-cve2010-4344 Source: EXPLOIT-DB Type: EXPLOIT Offensive Security Exploit Database [12-15-2010] Source: SUSE Type: SUSE-SA:2010:059 exim remote code execution | ||||||||||||||||||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration RedHat 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||||||||||||||||||