cve-2024-39929
Vulnerability from cvelistv5
Published
2024-07-04 00:00
Modified
2024-08-02 04:33
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary
Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users.
References
cve@mitre.orghttps://bugs.exim.org/show_bug.cgi?id=3099#c4
cve@mitre.orghttps://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7b
cve@mitre.orghttps://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357
cve@mitre.orghttps://github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3
cve@mitre.orghttps://www.rfc-editor.org/rfc/rfc2231.txt
Impacted products
n/an/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "exim",
            "vendor": "exim",
            "versions": [
              {
                "lessThanOrEqual": "4.97.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 5.4,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-39929",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-08T16:09:08.280186Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-08T16:10:56.108Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:33:11.626Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.rfc-editor.org/rfc/rfc2231.txt"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugs.exim.org/show_bug.cgi?id=3099#c4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-04T14:47:11.317997",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357"
        },
        {
          "url": "https://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7b"
        },
        {
          "url": "https://github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3"
        },
        {
          "url": "https://www.rfc-editor.org/rfc/rfc2231.txt"
        },
        {
          "url": "https://bugs.exim.org/show_bug.cgi?id=3099#c4"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-39929",
    "datePublished": "2024-07-04T00:00:00",
    "dateReserved": "2024-07-04T00:00:00",
    "dateUpdated": "2024-08-02T04:33:11.626Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-39929\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2024-07-04T15:15:10.323\",\"lastModified\":\"2024-07-09T16:22:58.760\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users.\"},{\"lang\":\"es\",\"value\":\"Exim hasta la versi\u00f3n 4.97.1 analiza err\u00f3neamente un nombre de archivo de encabezado RFC 2231 multil\u00ednea y, por lo tanto, atacantes remotos pueden eludir un mecanismo de protecci\u00f3n de bloqueo de extensi\u00f3n $mime_filename y potencialmente entregar archivos adjuntos ejecutables a los buzones de correo de los usuarios finales.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.8,\"impactScore\":2.5}]},\"references\":[{\"url\":\"https://bugs.exim.org/show_bug.cgi?id=3099#c4\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7b\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.rfc-editor.org/rfc/rfc2231.txt\",\"source\":\"cve@mitre.org\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.