Your submission was sent successfully! Close

CVE-2010-4344

Published: 10 December 2010

Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.

Notes

AuthorNote
mdeslaur
fixed in 4.70
jdstrand
while the bug was fixed in 2008, it was not known to be a security
bug. Public exploit made available on 2010-12-10 (UTC)
Priority

High

Status

Package Release Status
exim4
Launchpad, Ubuntu, Debian
dapper
Released (4.60-3ubuntu3.2)
hardy
Released (4.69-2ubuntu0.2)
karmic
Released (4.69-11ubuntu4.1)
lucid Not vulnerable
(4.71-3ubuntu1)
maverick Not vulnerable
(4.72-1ubuntu1)
upstream
Released (4.70)
Patches:
upstream: http://git.exim.org/exim.git/commitdiff/24c929a2