Bypassing $mime_filename extension-blocking protection mechanism through misparsing of multiline RFC 2231 header filename
CVE-2024-39929

Currently unrated

Key Information:

Vendor: Exim
CVE Published: 4 July 2024

Badges

💰 Ransomware | 👾 Exploit Exists | 🟡 Public PoC | 📰 News Worthy

Summary

CVE-2024-39929 affects Exim, a popular mail transfer agent widely used on Unix-based systems. Exim misparses a multiline RFC 2231 header filename, which allows remote attackers to bypass the $mime_filename extension-blocking protection mechanism and potentially deliver executable attachments to end users' mailboxes. It has a CVSS score of 9.1 out of 10 and has been exploited. The vulnerability affects millions of servers running Exim, with a large number of potentially vulnerable instances in the United States, Russia, and Canada. While there are no reports of active exploitation, users are advised to apply patches promptly to mitigate the risk.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that a vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.

News Articles

Week in review: CrowdStrike update causes widespread IT outage, critical Splunk Enterprise flaw - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Faulty CrowdStrike update takes out Windows machines

7 months ago

Vulnerability Chains – PSW #835

Find new flaws in UEFI using STASE, combining vulnerabilities to exploit Sonicwall Devices, remote BMC exploits, Netgear patches, and not a lot of information, 22 minutes before exploited, if the secrets were lost, we’d all be in screwed, Exim has not been replaced by something better and its ...

7 months ago

Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929) - Help Net Security

Exim developers have fixed a critical vulnerability (CVE-2024-39929) that can help attackers deliver malware to users.

7 months ago

Timeline

  • 🟡 Public PoC available
  • 💰 Used in Ransomware
  • 👾 Exploit known to exist
  • 📰 First article discovered by The Hacker News
  • Vulnerability published
  • Vulnerability Reserved