CVE-2024-39929

Name
CVE-2024-39929
Description
Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
https://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357
https://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7b
https://github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3
https://www.rfc-editor.org/rfc/rfc2231.txt
https://bugs.exim.org/show_bug.cgi?id=3099#c4

Match rules

CPE URI Source package Min version Max version
n/a == n/a == n/a
cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:* exim >= None <= 4.97.1

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
exim edge-community 4.98-r0 Celeste <cielesti@protonmail.com> fixed
exim edge-community 4.97.1-r0 Celeste <cielesti@protonmail.com> possibly vulnerable
exim edge-community 4.97-r0 Celeste <cielesti@protonmail.com> possibly vulnerable
exim edge-community 4.96.2-r0 Jesse Young <jlyo@jlyo.org> possibly vulnerable
exim edge-community 4.96.1-r0 Jesse Young <jlyo@jlyo.org> possibly vulnerable
exim edge-community 4.96-r2 Jesse Young <jlyo@jlyo.org> possibly vulnerable
exim edge-community 4.96-r1 Jesse Young <jlyo@jlyo.org> possibly vulnerable
exim edge-community 4.96-r0 Jesse Young <jlyo@jlyo.org> possibly vulnerable
exim edge-community 4.95-r0 Jesse Young <jlyo@jlyo.org> possibly vulnerable
exim edge-community 4.94.2-r1 Jesse Young <jlyo@jlyo.org> possibly vulnerable
exim edge-community 4.94.2-r0 Jesse Young <jlyo@jlyo.org> possibly vulnerable
exim edge-community 4.93-r1 None possibly vulnerable
exim edge-community 4.92.2-r1 None possibly vulnerable
exim edge-community 4.92.2-r0 None possibly vulnerable
exim edge-community 4.92.1-r0 None possibly vulnerable
exim edge-community 4.92-r0 None possibly vulnerable
exim edge-community 4.90.1-r0 None possibly vulnerable
exim edge-community 4.89.1-r0 None possibly vulnerable
exim edge-community 4.89-r7 None possibly vulnerable
exim edge-community 4.89-r5 None possibly vulnerable
exim 3.22-community 4.98-r0 None fixed
exim 3.22-community 4.97.1-r0 None possibly vulnerable
exim 3.22-community 4.96.2-r0 None possibly vulnerable
exim 3.22-community 4.96.1-r0 None possibly vulnerable
exim 3.22-community 4.94.2-r0 None possibly vulnerable
exim 3.22-community 4.93-r1 None possibly vulnerable
exim 3.22-community 4.92.2-r1 None possibly vulnerable
exim 3.22-community 4.92.2-r0 None possibly vulnerable
exim 3.22-community 4.92.1-r0 None possibly vulnerable
exim 3.22-community 4.92-r0 None possibly vulnerable
exim 3.22-community 4.90.1-r0 None possibly vulnerable
exim 3.22-community 4.89.1-r0 None possibly vulnerable
exim 3.22-community 4.89-r7 None possibly vulnerable
exim 3.22-community 4.89-r5 None possibly vulnerable
exim 3.21-community 4.98-r0 Celeste <cielesti@protonmail.com> fixed
exim 3.20-community 4.98-r0 Celeste <cielesti@protonmail.com> fixed
exim 3.20-community 4.97.1-r0 Celeste <cielesti@protonmail.com> possibly vulnerable