{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-39929", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-03-18T15:37:58.804Z", "dateReserved": "2024-07-04T00:00:00.000Z", "datePublished": "2024-07-04T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-07-04T14:47:11.317Z"}, "descriptions": [{"lang": "en", "value": "Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357"}, {"url": "https://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7b"}, {"url": "https://github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3"}, {"url": "https://www.rfc-editor.org/rfc/rfc2231.txt"}, {"url": "https://bugs.exim.org/show_bug.cgi?id=3099#c4"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-116", "lang": "en", "description": "CWE-116 Improper Encoding or Escaping of Output"}]}], "affected": [{"vendor": "exim", "product": "exim", "cpes": ["cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "4.97.1", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-07-08T16:09:08.280186Z", "id": "CVE-2024-39929", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-18T15:37:58.804Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:33:11.626Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357", "tags": ["x_transferred"]}, {"url": "https://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7b", "tags": ["x_transferred"]}, {"url": "https://github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3", "tags": ["x_transferred"]}, {"url": "https://www.rfc-editor.org/rfc/rfc2231.txt", "tags": ["x_transferred"]}, {"url": "https://bugs.exim.org/show_bug.cgi?id=3099#c4", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357", "tags": ["x_transferred"]}, {"url": "https://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7b", "tags": ["x_transferred"]}, {"url": "https://github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3", "tags": ["x_transferred"]}, {"url": "https://www.rfc-editor.org/rfc/rfc2231.txt", "tags": ["x_transferred"]}, {"url": "https://bugs.exim.org/show_bug.cgi?id=3099#c4", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:33:11.626Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-39929", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-08T16:09:08.280186Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*"], "vendor": "exim", "product": "exim", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "4.97.1"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-116", "description": "CWE-116 Improper Encoding or Escaping of Output"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-08T16:10:49.707Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357"}, {"url": "https://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7b"}, {"url": "https://github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3"}, {"url": "https://www.rfc-editor.org/rfc/rfc2231.txt"}, {"url": "https://bugs.exim.org/show_bug.cgi?id=3099#c4"}], "descriptions": [{"lang": "en", "value": "Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-07-04T14:47:11.317Z"}}}, "cveMetadata": {"cveId": "CVE-2024-39929", "state": "PUBLISHED", "dateUpdated": "2025-03-18T15:37:58.804Z", "dateReserved": "2024-07-04T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-07-04T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "matchCriteriaId": "067D683A-5A3E-4B3D-86A4-4BB405D84A7D", "versionEndIncluding": "4.97.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users."}, {"lang": "es", "value": "Exim hasta la versi\u00f3n 4.97.1 analiza err\u00f3neamente un nombre de archivo de encabezado RFC 2231 multil\u00ednea y, por lo tanto, atacantes remotos pueden eludir un mecanismo de protecci\u00f3n de bloqueo de extensi\u00f3n $mime_filename y potencialmente entregar archivos adjuntos ejecutables a los buzones de correo de los usuarios finales."}], "id": "CVE-2024-39929", "lastModified": "2025-07-10T22:15:25.230", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-07-04T15:15:10.323", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "https://bugs.exim.org/show_bug.cgi?id=3099#c4"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7b"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357"}, {"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3"}, {"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "https://www.rfc-editor.org/rfc/rfc2231.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "https://bugs.exim.org/show_bug.cgi?id=3099#c4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7b"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Not Applicable"], "url": "https://www.rfc-editor.org/rfc/rfc2231.txt"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-116"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "exim: exim: Incorrect parsing of multiline rfc2231 header filename", "id": "2295819", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295819"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.7", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N", "status": "draft"}, "cwe": "CWE-693", "details": ["Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users."], "name": "CVE-2024-39929", "public_date": "2024-07-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-39929"], "statement": "Exim is not shipped in any Red Hat Offerings.", "threat_severity": "Important"}

{}