CVE-2010-4344 - Vulnerability Details

Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

This CVE is in the KEV database since March 25, 2022.

Exploitation active

Automatable yes

Technical Impact total

Vendors	Products
Canonical	Ubuntu Linux
Debian	Debian Linux
Exim	Exim
Opensuse	Opensuse
Redhat	Enterprise Linux Rhel Eus

Configuration 1 [-]

cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:opensuse:opensuse:11.1:::::::*
	cpe:2.3:o:opensuse:opensuse:11.2:::::::*
	cpe:2.3:o:opensuse:opensuse:11.3:::::::*

Configuration 3 [-]

cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

Configuration 4 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:8.04::::-:::
	cpe:2.3:o:canonical:ubuntu_linux:9.10:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 4
exim-0:4.43-1.RHEL4.5.el4_8.1	cpe:/o:redhat:enterprise_linux:4	RHSA-2010:0970	2010-12-10T00:00:00Z
Red Hat Enterprise Linux 4.7 Z Stream
exim-0:4.43-1.RHEL4.5.el4_7.1	cpe:/o:redhat:rhel_eus:4.7	RHSA-2010:0970	2010-12-10T00:00:00Z
Red Hat Enterprise Linux 5
exim-0:4.63-5.el5_5.2	cpe:/o:redhat:enterprise_linux:5	RHSA-2010:0970	2010-12-10T00:00:00Z
Red Hat Enterprise Linux 5.3.Z - Server Only
exim-0:4.63-3.el5_3.1	cpe:/o:redhat:rhel_eus:5.3	RHSA-2010:0970	2010-12-10T00:00:00Z
Red Hat Enterprise Linux 5.4.Z - Server Only
exim-0:4.63-3.el5_4.1	cpe:/o:redhat:rhel_eus:5.4	RHSA-2010:0970	2010-12-10T00:00:00Z

References

Link	Providers
ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.70
http://atmail.com/blog/2010/atmail-6204-now-available/
http://bugs.exim.org/show_bug.cgi?id=787
http://git.exim.org/exim.git/commit/24c929a27415c7cfc7126c47e4cad39acf3efa6b
http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html
http://openwall.com/lists/oss-security/2010/12/10/1
http://secunia.com/advisories/40019
http://secunia.com/advisories/42576
http://secunia.com/advisories/42586
http://secunia.com/advisories/42587
http://secunia.com/advisories/42589
http://www.cpanel.net/2010/12/exim-remote-memory-corruption-vulnerability-notification-cve-2010-4344.html
http://www.debian.org/security/2010/dsa-2131
http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html
http://www.kb.cert.org/vuls/id/682457
http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format
http://www.openwall.com/lists/oss-security/2021/05/04/7
http://www.osvdb.org/69685
http://www.redhat.com/support/errata/RHSA-2010-0970.html
http://www.securityfocus.com/archive/1/515172/100/0/threaded
http://www.securityfocus.com/bid/45308
http://www.securitytracker.com/id?1024858
http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/
http://www.ubuntu.com/usn/USN-1032-1
http://www.vupen.com/english/advisories/2010/3171
http://www.vupen.com/english/advisories/2010/3172
http://www.vupen.com/english/advisories/2010/3181
http://www.vupen.com/english/advisories/2010/3186
http://www.vupen.com/english/advisories/2010/3204
http://www.vupen.com/english/advisories/2010/3246
http://www.vupen.com/english/advisories/2010/3317
https://bugzilla.redhat.com/show_bug.cgi?id=661756
https://nvd.nist.gov/vuln/detail/CVE-2010-4344
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
https://www.cve.org/CVERecord?id=CVE-2010-4344

History

Fri, 07 Feb 2025 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		kev `{'dateAdded': '2022-03-25'}` ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 13 Aug 2024 23:15:00 +0000

Type	Values Removed	Values Added
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2010-12-14T15:00:00.000Z

Updated: 2025-02-07T13:34:01.836Z

Reserved: 2010-11-30T00:00:00.000Z

Link: CVE-2010-4344

Vulnrichment

Updated: 2024-08-07T03:43:14.654Z

NVD

Status : Deferred

Published: 2010-12-14T16:00:04.163

Modified: 2025-04-11T00:51:21.963

Link: CVE-2010-4344

Redhat

Severity : Critical

Publid Date: 2010-12-07T00:00:00Z

Links: CVE-2010-4344 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-12-07T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-05-04T17:06:38.000Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "SUSE-SA:2010:059", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html"}, {"name": "[exim-dev] 20101207 Remote root vulnerability in Exim", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.exim.org/show_bug.cgi?id=787"}, {"name": "1024858", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1024858"}, {"name": "RHSA-2010:0970", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2010-0970.html"}, {"name": "ADV-2010-3186", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/3186"}, {"name": "45308", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/45308"}, {"tags": ["x_refsource_MISC"], "url": "http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://atmail.com/blog/2010/atmail-6204-now-available/"}, {"name": "42576", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/42576"}, {"name": "42587", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/42587"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=661756"}, {"name": "[exim-dev] 20101210 Re: Remote root vulnerability in Exim", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html"}, {"name": "40019", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/40019"}, {"name": "ADV-2010-3172", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/3172"}, {"name": "VU#682457", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/682457"}, {"name": "ADV-2010-3181", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/3181"}, {"name": "42586", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/42586"}, {"name": "ADV-2010-3317", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/3317"}, {"name": "USN-1032-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1032-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.cpanel.net/2010/12/exim-remote-memory-corruption-vulnerability-notification-cve-2010-4344.html"}, {"name": "69685", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/69685"}, {"name": "20101213 Exim security issue in historical release", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/515172/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/"}, {"name": "ADV-2010-3246", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/3246"}, {"tags": ["x_refsource_CONFIRM"], "url": "ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.70"}, {"name": "ADV-2010-3204", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/3204"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.exim.org/exim.git/commit/24c929a27415c7cfc7126c47e4cad39acf3efa6b"}, {"name": "DSA-2131", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2010/dsa-2131"}, {"name": "ADV-2010-3171", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/3171"}, {"name": "42589", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/42589"}, {"name": "[oss-security] 20101210 Exim remote root", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2010/12/10/1"}, {"name": "[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T03:43:14.654Z"}, "title": "CVE Program Container", "references": [{"name": "SUSE-SA:2010:059", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html"}, {"name": "[exim-dev] 20101207 Remote root vulnerability in Exim", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.exim.org/show_bug.cgi?id=787"}, {"name": "1024858", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1024858"}, {"name": "RHSA-2010:0970", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2010-0970.html"}, {"name": "ADV-2010-3186", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/3186"}, {"name": "45308", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/45308"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://atmail.com/blog/2010/atmail-6204-now-available/"}, {"name": "42576", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/42576"}, {"name": "42587", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/42587"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=661756"}, {"name": "[exim-dev] 20101210 Re: Remote root vulnerability in Exim", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html"}, {"name": "40019", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/40019"}, {"name": "ADV-2010-3172", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/3172"}, {"name": "VU#682457", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/682457"}, {"name": "ADV-2010-3181", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/3181"}, {"name": "42586", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/42586"}, {"name": "ADV-2010-3317", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/3317"}, {"name": "USN-1032-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1032-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.cpanel.net/2010/12/exim-remote-memory-corruption-vulnerability-notification-cve-2010-4344.html"}, {"name": "69685", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/69685"}, {"name": "20101213 Exim security issue in historical release", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/515172/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/"}, {"name": "ADV-2010-3246", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/3246"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.70"}, {"name": "ADV-2010-3204", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/3204"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.exim.org/exim.git/commit/24c929a27415c7cfc7126c47e4cad39acf3efa6b"}, {"name": "DSA-2131", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2010/dsa-2131"}, {"name": "ADV-2010-3171", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/3171"}, {"name": "42589", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/42589"}, {"name": "[oss-security] 20101210 Exim remote root", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2010/12/10/1"}, {"name": "[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7"}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-787", "lang": "en", "description": "CWE-787 Out-of-bounds Write"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-02-07T13:23:46.584337Z", "id": "CVE-2010-4344", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-03-25", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2010-4344"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-07T13:34:01.836Z"}}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-4344", "datePublished": "2010-12-14T15:00:00.000Z", "dateReserved": "2010-11-30T00:00:00.000Z", "dateUpdated": "2025-02-07T13:34:01.836Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html", "name": "SUSE-SA:2010:059", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"]}, {"url": "http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html", "name": "[exim-dev] 20101207 Remote root vulnerability in Exim", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"]}, {"url": "http://bugs.exim.org/show_bug.cgi?id=787", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://www.securitytracker.com/id?1024858", "name": "1024858", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"]}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0970.html", "name": "RHSA-2010:0970", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "http://www.vupen.com/english/advisories/2010/3186", "name": "ADV-2010-3186", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"]}, {"url": "http://www.securityfocus.com/bid/45308", "name": "45308", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"]}, {"url": "http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://atmail.com/blog/2010/atmail-6204-now-available/", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://secunia.com/advisories/42576", "name": "42576", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"]}, {"url": "http://secunia.com/advisories/42587", "name": "42587", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=661756", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html", "name": "[exim-dev] 20101210 Re: Remote root vulnerability in Exim", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"]}, {"url": "http://secunia.com/advisories/40019", "name": "40019", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"]}, {"url": "http://www.vupen.com/english/advisories/2010/3172", "name": "ADV-2010-3172", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"]}, {"url": "http://www.kb.cert.org/vuls/id/682457", "name": "VU#682457", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"]}, {"url": "http://www.vupen.com/english/advisories/2010/3181", "name": "ADV-2010-3181", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"]}, {"url": "http://secunia.com/advisories/42586", "name": "42586", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"]}, {"url": "http://www.vupen.com/english/advisories/2010/3317", "name": "ADV-2010-3317", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"]}, {"url": "http://www.ubuntu.com/usn/USN-1032-1", "name": "USN-1032-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"]}, {"url": "http://www.cpanel.net/2010/12/exim-remote-memory-corruption-vulnerability-notification-cve-2010-4344.html", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://www.osvdb.org/69685", "name": "69685", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"]}, {"url": "http://www.securityfocus.com/archive/1/515172/100/0/threaded", "name": "20101213 Exim security issue in historical release", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"]}, {"url": "http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://www.vupen.com/english/advisories/2010/3246", "name": "ADV-2010-3246", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"]}, {"url": "ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.70", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://www.vupen.com/english/advisories/2010/3204", "name": "ADV-2010-3204", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"]}, {"url": "http://git.exim.org/exim.git/commit/24c929a27415c7cfc7126c47e4cad39acf3efa6b", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://www.debian.org/security/2010/dsa-2131", "name": "DSA-2131", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"]}, {"url": "http://www.vupen.com/english/advisories/2010/3171", "name": "ADV-2010-3171", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"]}, {"url": "http://secunia.com/advisories/42589", "name": "42589", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"]}, {"url": "http://openwall.com/lists/oss-security/2010/12/10/1", "name": "[oss-security] 20101210 Exim remote root", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2021/05/04/7", "name": "[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T03:43:14.654Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2010-4344", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-07T13:23:46.584337Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-03-25", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2010-4344"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-07T13:25:48.362Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-12-07T00:00:00.000Z", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html", "name": "SUSE-SA:2010:059", "tags": ["vendor-advisory", "x_refsource_SUSE"]}, {"url": "http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html", "name": "[exim-dev] 20101207 Remote root vulnerability in Exim", "tags": ["mailing-list", "x_refsource_MLIST"]}, {"url": "http://bugs.exim.org/show_bug.cgi?id=787", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://www.securitytracker.com/id?1024858", "name": "1024858", "tags": ["vdb-entry", "x_refsource_SECTRACK"]}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0970.html", "name": "RHSA-2010:0970", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "http://www.vupen.com/english/advisories/2010/3186", "name": "ADV-2010-3186", "tags": ["vdb-entry", "x_refsource_VUPEN"]}, {"url": "http://www.securityfocus.com/bid/45308", "name": "45308", "tags": ["vdb-entry", "x_refsource_BID"]}, {"url": "http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format", "tags": ["x_refsource_MISC"]}, {"url": "http://atmail.com/blog/2010/atmail-6204-now-available/", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://secunia.com/advisories/42576", "name": "42576", "tags": ["third-party-advisory", "x_refsource_SECUNIA"]}, {"url": "http://secunia.com/advisories/42587", "name": "42587", "tags": ["third-party-advisory", "x_refsource_SECUNIA"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=661756", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html", "name": "[exim-dev] 20101210 Re: Remote root vulnerability in Exim", "tags": ["mailing-list", "x_refsource_MLIST"]}, {"url": "http://secunia.com/advisories/40019", "name": "40019", "tags": ["third-party-advisory", "x_refsource_SECUNIA"]}, {"url": "http://www.vupen.com/english/advisories/2010/3172", "name": "ADV-2010-3172", "tags": ["vdb-entry", "x_refsource_VUPEN"]}, {"url": "http://www.kb.cert.org/vuls/id/682457", "name": "VU#682457", "tags": ["third-party-advisory", "x_refsource_CERT-VN"]}, {"url": "http://www.vupen.com/english/advisories/2010/3181", "name": "ADV-2010-3181", "tags": ["vdb-entry", "x_refsource_VUPEN"]}, {"url": "http://secunia.com/advisories/42586", "name": "42586", "tags": ["third-party-advisory", "x_refsource_SECUNIA"]}, {"url": "http://www.vupen.com/english/advisories/2010/3317", "name": "ADV-2010-3317", "tags": ["vdb-entry", "x_refsource_VUPEN"]}, {"url": "http://www.ubuntu.com/usn/USN-1032-1", "name": "USN-1032-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"]}, {"url": "http://www.cpanel.net/2010/12/exim-remote-memory-corruption-vulnerability-notification-cve-2010-4344.html", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://www.osvdb.org/69685", "name": "69685", "tags": ["vdb-entry", "x_refsource_OSVDB"]}, {"url": "http://www.securityfocus.com/archive/1/515172/100/0/threaded", "name": "20101213 Exim security issue in historical release", "tags": ["mailing-list", "x_refsource_BUGTRAQ"]}, {"url": "http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/", "tags": ["x_refsource_MISC"]}, {"url": "http://www.vupen.com/english/advisories/2010/3246", "name": "ADV-2010-3246", "tags": ["vdb-entry", "x_refsource_VUPEN"]}, {"url": "ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.70", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://www.vupen.com/english/advisories/2010/3204", "name": "ADV-2010-3204", "tags": ["vdb-entry", "x_refsource_VUPEN"]}, {"url": "http://git.exim.org/exim.git/commit/24c929a27415c7cfc7126c47e4cad39acf3efa6b", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://www.debian.org/security/2010/dsa-2131", "name": "DSA-2131", "tags": ["vendor-advisory", "x_refsource_DEBIAN"]}, {"url": "http://www.vupen.com/english/advisories/2010/3171", "name": "ADV-2010-3171", "tags": ["vdb-entry", "x_refsource_VUPEN"]}, {"url": "http://secunia.com/advisories/42589", "name": "42589", "tags": ["third-party-advisory", "x_refsource_SECUNIA"]}, {"url": "http://openwall.com/lists/oss-security/2010/12/10/1", "name": "[oss-security] 20101210 Exim remote root", "tags": ["mailing-list", "x_refsource_MLIST"]}, {"url": "http://www.openwall.com/lists/oss-security/2021/05/04/7", "name": "[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim", "tags": ["mailing-list", "x_refsource_MLIST"]}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2021-05-04T17:06:38.000Z"}}}, "cveMetadata": {"cveId": "CVE-2010-4344", "state": "PUBLISHED", "dateUpdated": "2025-02-07T13:34:01.836Z", "dateReserved": "2010-11-30T00:00:00.000Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2010-12-14T15:00:00.000Z", "assignerShortName": "redhat"}, "dataVersion": "5.1"}

{"cisaActionDue": "2022-04-15", "cisaExploitAdd": "2022-03-25", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Exim Heap-Based Buffer Overflow Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "matchCriteriaId": "814F64F6-15D3-443C-BC00-4BC1A8F89C8A", "versionEndExcluding": "4.70", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*", "matchCriteriaId": "FBF7B6A8-3DF9-46EC-A90E-6EF68C39F883", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*", "matchCriteriaId": "A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*", "matchCriteriaId": "5646FDE9-CF21-46A9-B89D-F5BBDB4249AF", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en la funci\u00f3n string_vformat en string.c en Exim antes de v4.70 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una sesi\u00f3n de SMTP que incluye dos comandos MAIL junto con un mensaje de gran tama\u00f1o que contiene cabeceras modificadas, lo que lleva a un registro impropio del rechazo."}], "id": "CVE-2010-4344", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2010-12-14T16:00:04.163", "references": [{"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.70"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://atmail.com/blog/2010/atmail-6204-now-available/"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch"], "url": "http://bugs.exim.org/show_bug.cgi?id=787"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch"], "url": "http://git.exim.org/exim.git/commit/24c929a27415c7cfc7126c47e4cad39acf3efa6b"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch"], "url": "http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2010/12/10/1"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://secunia.com/advisories/40019"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://secunia.com/advisories/42576"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://secunia.com/advisories/42586"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://secunia.com/advisories/42587"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://secunia.com/advisories/42589"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.cpanel.net/2010/12/exim-remote-memory-corruption-vulnerability-notification-cve-2010-4344.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.debian.org/security/2010/dsa-2131"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Mailing List"], "url": "http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/682457"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Exploit", "Patch"], "url": "http://www.osvdb.org/69685"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2010-0970.html"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/515172/100/0/threaded"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/45308"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1024858"}, {"source": "secalert@redhat.com", "tags": ["Press/Media Coverage"], "url": "http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-1032-1"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3171"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3172"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3181"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3186"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3204"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3246"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.vupen.com/english/advisories/2010/3317"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=661756"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.70"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://atmail.com/blog/2010/atmail-6204-now-available/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch"], "url": "http://bugs.exim.org/show_bug.cgi?id=787"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "http://git.exim.org/exim.git/commit/24c929a27415c7cfc7126c47e4cad39acf3efa6b"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2010/12/10/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://secunia.com/advisories/40019"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://secunia.com/advisories/42576"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://secunia.com/advisories/42586"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://secunia.com/advisories/42587"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://secunia.com/advisories/42589"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.cpanel.net/2010/12/exim-remote-memory-corruption-vulnerability-notification-cve-2010-4344.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.debian.org/security/2010/dsa-2131"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List"], "url": "http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/682457"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Exploit", "Patch"], "url": "http://www.osvdb.org/69685"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2010-0970.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/515172/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/45308"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1024858"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Press/Media Coverage"], "url": "http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-1032-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3171"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3172"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3181"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3186"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3204"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3246"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.vupen.com/english/advisories/2010/3317"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=661756"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2010:0970", "cpe": "cpe:/o:redhat:enterprise_linux:4", "package": "exim-0:4.43-1.RHEL4.5.el4_8.1", "product_name": "Red Hat Enterprise Linux 4", "release_date": "2010-12-10T00:00:00Z"}, {"advisory": "RHSA-2010:0970", "cpe": "cpe:/o:redhat:rhel_eus:4.7", "package": "exim-0:4.43-1.RHEL4.5.el4_7.1", "product_name": "Red Hat Enterprise Linux 4.7 Z Stream", "release_date": "2010-12-10T00:00:00Z"}, {"advisory": "RHSA-2010:0970", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "exim-0:4.63-5.el5_5.2", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2010-12-10T00:00:00Z"}, {"advisory": "RHSA-2010:0970", "cpe": "cpe:/o:redhat:rhel_eus:5.3", "package": "exim-0:4.63-3.el5_3.1", "product_name": "Red Hat Enterprise Linux 5.3.Z - Server Only", "release_date": "2010-12-10T00:00:00Z"}, {"advisory": "RHSA-2010:0970", "cpe": "cpe:/o:redhat:rhel_eus:5.4", "package": "exim-0:4.63-3.el5_4.1", "product_name": "Red Hat Enterprise Linux 5.4.Z - Server Only", "release_date": "2010-12-10T00:00:00Z"}], "bugzilla": {"description": "exim: remote code execution flaw", "id": "661756", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=661756"}, "csaw": false, "cvss": {"cvss_base_score": "7.5", "cvss_scoring_vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "status": "verified"}, "cwe": "CWE-78", "details": ["Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging."], "name": "CVE-2010-4344", "public_date": "2010-12-07T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2010-4344\nhttps://nvd.nist.gov/vuln/detail/CVE-2010-4344\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog"], "threat_severity": "Critical"}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Exploitation active

Automatable yes

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object