NVD disclosure day

Published threat advisories for December 14, 2010

CVE advisoryKnown Exploit

CVE-2010-4345

Exim Local Privilege Escalation Vulnerability.

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

Local users with access to systems running Exim versions prior to 4.72 may escalate privileges by leveraging configuration file manipulation. This allows for arbitrary command execution, potentially leading to unauthorized system access and data compromise. Organizations should update Exim and restrict local access.

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2010-4344

Exim Mail Server Code Execution Vulnerability.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

Exim mail servers are affected by a heap-based buffer overflow flaw that could permit attackers to execute arbitrary code remotely. This vulnerability can be exploited via a specially crafted SMTP session, posing a significant risk to affected organizations and their systems.

NVD published: • CISA KEV