CVE-2010-4344 — CRITICAL (9.8)

Q: How severe is CVE-2010-4344?

CVE-2010-4344 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2010-4344?

Check the references section above for vendor advisories and patch information. Affected products include: Exim Exim, Opensuse Opensuse, Debian Debian Linux, Canonical Ubuntu Linux.

Vulnerability Description

Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Exim	Exim	< 4.70
Opensuse	Opensuse	11.1
Debian	Debian Linux	5.0
Canonical	Ubuntu Linux	6.06

Related Weaknesses (CWE)

CWE-787

References

ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.70Broken Link
http://atmail.com/blog/2010/atmail-6204-now-available/Broken Link
http://bugs.exim.org/show_bug.cgi?id=787Issue TrackingPatch
http://git.exim.org/exim.git/commit/24c929a27415c7cfc7126c47e4cad39acf3efa6bMailing ListPatch
http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.htmlMailing ListPatch
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.htmlMailing ListThird Party Advisory
http://openwall.com/lists/oss-security/2010/12/10/1Mailing ListThird Party Advisory
http://secunia.com/advisories/40019Broken LinkVendor Advisory
http://secunia.com/advisories/42576Broken LinkVendor Advisory
http://secunia.com/advisories/42586Broken LinkVendor Advisory
http://secunia.com/advisories/42587Broken LinkVendor Advisory
http://secunia.com/advisories/42589Broken LinkVendor Advisory
http://www.cpanel.net/2010/12/exim-remote-memory-corruption-vulnerability-notifiBroken Link
http://www.debian.org/security/2010/dsa-2131Mailing ListThird Party Advisory
http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.htmlExploitMailing List

FAQ

What is CVE-2010-4344?

CVE-2010-4344 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conju...

How severe is CVE-2010-4344?

CVE-2010-4344 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2010-4344?

Check the references section above for vendor advisories and patch information. Affected products include: Exim Exim, Opensuse Opensuse, Debian Debian Linux, Canonical Ubuntu Linux.