fkie_cve-2024-39929
Vulnerability from fkie_nvd
Published
2024-07-04 15:15
Modified
2025-07-10 22:15
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary
Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users.
References
cve@mitre.orghttps://bugs.exim.org/show_bug.cgi?id=3099#c4Exploit, Vendor Advisory
cve@mitre.orghttps://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7bPatch
cve@mitre.orghttps://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357Patch
cve@mitre.orghttps://github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3Release Notes
cve@mitre.orghttps://www.rfc-editor.org/rfc/rfc2231.txtNot Applicable
af854a3a-2127-422b-91ae-364da2661108https://bugs.exim.org/show_bug.cgi?id=3099#c4Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7bPatch
af854a3a-2127-422b-91ae-364da2661108https://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357Patch
af854a3a-2127-422b-91ae-364da2661108https://github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3Release Notes
af854a3a-2127-422b-91ae-364da2661108https://www.rfc-editor.org/rfc/rfc2231.txtNot Applicable
Impacted products
Vendor Product Version
exim exim *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "067D683A-5A3E-4B3D-86A4-4BB405D84A7D",
              "versionEndIncluding": "4.97.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users."
    },
    {
      "lang": "es",
      "value": "Exim hasta la versi\u00f3n 4.97.1 analiza err\u00f3neamente un nombre de archivo de encabezado RFC 2231 multil\u00ednea y, por lo tanto, atacantes remotos pueden eludir un mecanismo de protecci\u00f3n de bloqueo de extensi\u00f3n $mime_filename y potencialmente entregar archivos adjuntos ejecutables a los buzones de correo de los usuarios finales."
    }
  ],
  "id": "CVE-2024-39929",
  "lastModified": "2025-07-10T22:15:25.230",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.5,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-07-04T15:15:10.323",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://bugs.exim.org/show_bug.cgi?id=3099#c4"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "https://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7b"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "https://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes"
      ],
      "url": "https://github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://www.rfc-editor.org/rfc/rfc2231.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://bugs.exim.org/show_bug.cgi?id=3099#c4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7b"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes"
      ],
      "url": "https://github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://www.rfc-editor.org/rfc/rfc2231.txt"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-116"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.