Critical severity9.8CISA KEVNVD Advisory· Published Dec 14, 2010· Updated Apr 21, 2026

CVE-2010-4344

Description

Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.

Affected products

Exim/Exim
cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*
Range: <4.70
Canonical (company)/Ubuntu Linux3 versions
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
Debian/Debian Linux
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
OpenSUSE/openSUSE3 versions
cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugs.exim.org/show_bug.cginvdIssue TrackingPatch
git.exim.org/exim.git/commit/24c929a27415c7cfc7126c47e4cad39acf3efa6bnvdMailing ListPatch
lists.exim.org/lurker/message/20101210.164935.385e04d0.en.htmlnvdMailing ListPatch
www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.htmlnvdExploitMailing List
www.openwall.com/lists/oss-security/2021/05/04/7nvdExploitMailing List
www.osvdb.org/69685nvdBroken LinkExploitPatch
bugzilla.redhat.com/show_bug.cginvdExploitIssue Tracking
lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.htmlnvdMailing ListThird Party Advisory
openwall.com/lists/oss-security/2010/12/10/1nvdMailing ListThird Party Advisory
secunia.com/advisories/40019nvdBroken LinkVendor Advisory
secunia.com/advisories/42576nvdBroken LinkVendor Advisory
secunia.com/advisories/42586nvdBroken LinkVendor Advisory
secunia.com/advisories/42587nvdBroken LinkVendor Advisory
secunia.com/advisories/42589nvdBroken LinkVendor Advisory
www.debian.org/security/2010/dsa-2131nvdMailing ListThird Party Advisory
www.kb.cert.org/vuls/id/682457nvdThird Party AdvisoryUS Government Resource
www.metasploit.com/modules/exploit/unix/smtp/exim4_string_formatnvdThird Party Advisory
www.securityfocus.com/archive/1/515172/100/0/threadednvdBroken LinkThird Party AdvisoryVDB Entry
www.securityfocus.com/bid/45308nvdBroken LinkThird Party AdvisoryVDB Entry
www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
www.ubuntu.com/usn/USN-1032-1nvdThird Party Advisory
www.vupen.com/english/advisories/2010/3171nvdBroken LinkVendor Advisory
www.vupen.com/english/advisories/2010/3172nvdBroken LinkVendor Advisory
www.vupen.com/english/advisories/2010/3181nvdBroken LinkVendor Advisory
www.vupen.com/english/advisories/2010/3186nvdBroken LinkVendor Advisory
www.vupen.com/english/advisories/2010/3204nvdBroken LinkVendor Advisory
www.vupen.com/english/advisories/2010/3246nvdBroken LinkVendor Advisory
ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.70nvdBroken Link
atmail.com/blog/2010/atmail-6204-now-available/nvdBroken Link
www.cpanel.net/2010/12/exim-remote-memory-corruption-vulnerability-notification-cve-2010-4344.htmlnvdBroken Link
www.redhat.com/support/errata/RHSA-2010-0970.htmlnvdBroken Link
www.theregister.co.uk/2010/12/11/exim_code_execution_peril/nvdPress/Media Coverage
www.vupen.com/english/advisories/2010/3317nvdBroken Link
www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.041
exploit	0.030
kev	0.120
patch	0.000
ransomware	0.000