Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-4344HistoryDec 14, 2010 - 4:00 p.m.
CVE-2010-4344
2010-12-1416:00:00
Debian Security Bug Tracker
security-tracker.debian.org
25
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.931 High
EPSS
Percentile
99.0%
Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | exim4 | < 4.70-1 | exim4_4.70-1_all.deb |
| Debian | 11 | all | exim4 | < 4.70-1 | exim4_4.70-1_all.deb |
| Debian | 10 | all | exim4 | < 4.70-1 | exim4_4.70-1_all.deb |
| Debian | 999 | all | exim4 | < 4.70-1 | exim4_4.70-1_all.deb |
| Debian | 13 | all | exim4 | < 4.70-1 | exim4_4.70-1_all.deb |
Related
prion
prion
Heap overflow
2010-12-14 16:00:00
ubuntu
ubuntu
Exim vulnerability
2010-12-11 00:00:00
ubuntucve
ubuntucve
CVE-2010-4344
2010-12-10 00:00:00
centos
centos
exim security update
2011-01-27 09:07:54
canvas
canvas
Immunity Canvas: CVE_2010_4344
2010-12-14 16:00:00
openvas
openvas
CentOS Update for exim CESA-2010:0970 centos4 i386
2011-01-31 00:00:00
RedHat Update for exim RHSA-2010:0970-01
2010-12-28 00:00:00
CentOS Update for exim CESA-2010:0970 centos4 x86_64
2012-07-30 00:00:00
nessus
nessus
Ubuntu 6.06 LTS / 8.04 LTS / 9.10 : exim4 vulnerability (USN-1032-1)
2010-12-12 00:00:00
CentOS 4 : exim (CESA-2010:0970)
2011-01-28 00:00:00
RHEL 4 / 5 : exim (RHSA-2010:0970)
2010-12-12 00:00:00
oraclelinux
oraclelinux
exim security update
2010-12-10 00:00:00
packetstorm
packetstorm
Exim 4.63 Remote Root Exploit
2010-12-11 00:00:00
Exim4 <= 4.69 string_format Function Heap Buffer Overflow
2010-12-11 00:00:00
attackerkb
attackerkb
CVE-2010-4344
2010-12-14 00:00:00
cve
cve
CVE-2010-4344
2010-12-14 16:00:00
checkpoint_advisories
checkpoint_advisories
Exim MTA string_format Remote Code Execution (CVE-2010-4344)
2010-12-22 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:56:02
redhat
redhat
(RHSA-2010:0970) Critical: exim security update
2010-12-10 00:00:00
cisa_kev
cisa_kev
Exim Heap-Based Buffer Overflow Vulnerability
2022-03-25 00:00:00
cert
cert
Exim string_format() buffer overflow
2010-12-13 00:00:00
osv
osv
exim4 - remote code execution
2010-12-10 00:00:00
suse
suse
remote code execution in exim
2010-12-13 10:39:26
securityvulns
securityvulns
[SECURITY] [DSA-2131-1] New exim4 packages fix remote code execution
2010-12-12 00:00:00
Exim memory corruption and remote code execution
2011-02-03 00:00:00
Exim security issue in historical release
2010-12-13 00:00:00
debian
debian
[SECURITY] [DSA-2131-1] New exim4 packages fix remote code execution
2010-12-10 15:13:43
[SECURITY] [DSA-2131-1] New exim4 packages fix remote code execution
2010-12-10 15:13:43
nmap
nmap
smtp-vuln-cve2010-4344 NSE Script
2011-06-24 15:37:53
thn
thn
Nmap 5.59 BETA1 - 40 new NSE scripts & improved IPv6
2011-07-01 11:41:00
gentoo
gentoo
Exim: Multiple vulnerabilities
2014-01-27 00:00:00
kitploit
kitploit
Jok3R - Network And Web Pentest Framework
2019-01-23 12:25:00
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.931 High
EPSS
Percentile
99.0%
Related for DEBIANCVE:CVE-2010-4344