← ExploitWatch
HomeExploited Vulnerabilities

CVE-2010-4344 — Actively Exploited: Exim (Exim)

Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session.

CVE IDCVE-2010-4344
VendorExim
ProductExim
Vulnerability nameExim Heap-Based Buffer Overflow Vulnerability
Date added2022-03-25
Remediation due2022-04-15
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionHeap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →