VYPR
High severity7.8CISA KEVNVD Advisory· Published Dec 14, 2010· Updated Jun 16, 2026

CVE-2010-4345

CVE-2010-4345

Description

Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

12
  • Exim/Exim2 versions
    cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*range: <=4.72
    • (no CPE)range: <=4.72
  • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*+ 4 more
    • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
  • OpenSUSE/openSUSE3 versions
    cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

29

News mentions

0

No linked articles in our index yet.