Intrusion Prevention

Exim4.string_format.Function.Heap.Overflow

Description

This indicates a possible attack against a heap overflow vulnerability in Exim.
The vulnerability is a result of the string_format function's failure to properly sanitize user-supplied input.

Affected Products

Exim prior to and including version 4.69

Impact

System compromise

Recommended Actions

Refer to the vendor's link:
http://bugs.exim.org/show_bug.cgi?id=787

CVE References

CVE-2010-4345 CVE-2010-4344