CVEs-PoC/2010/CVE-2010-4344.md at b0e96c877abb080d7cf221c036336480ff266ccf

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-08 22:35:37 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.

POC

Reference

http://www.openwall.com/lists/oss-security/2021/05/04/7
http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/

Github

https://github.com/Ostorlab/KEV
https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
https://github.com/byte-mug/cumes
https://github.com/oneplus-x/jok3r
https://github.com/sbeteta42/enum_scan

1.0 KiB Raw Blame History

CVE-2010-4344

Description

POC

Reference

Github

1.0 KiB

Raw Blame History