Vulnerability feed

Vulnerability

CVE-2010-4344

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2010-4344
Description:: Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
Last updated date:: 07/16/2024

Reports

alt

ACTIVELY EXPLOITED

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 03/25/2022
Reference url to background: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Type:: exploit
Confidence:: HIGH
Date of publishing:: 10/02/2020
Reference url to background: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/smtp/exim4_string_format.rb

Type:: exploit
Confidence:: HIGH
Date of publishing:: 05/04/2021
Reference url to background: http://www.osvdb.org/69685

Type:: exploit
Confidence:: HIGH
Date of publishing:: 05/04/2021
Reference url to background: https://bugzilla.redhat.com/show_bug.cgi?id=661756

Type:: exploit
Confidence:: HIGH
Date of publishing:: 07/16/2024
Reference url to background: http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html

Type:: exploit
Confidence:: HIGH
Date of publishing:: 07/16/2024
Reference url to background: http://www.openwall.com/lists/oss-security/2021/05/04/7

Vulnerability Feed Contributors About Blog

@inTheWild

©2024 |