cbcvebase.
CVE-2010-2024
published 2010-06-07

CVE-2010-2024: transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary…

PriorityP418medium4.4CVSS 2.0
AVLACMAuNCPIPAP
EPSS
0.28%
19.7th percentile
transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.

Affected

34 ranges· showing 25
VendorProductVersion rangeFixed in
debianexim4< exim4 4.72-1 (bookworm)exim4 4.72-1 (bookworm)
eximexim<= 4.71
eximexim
eximexim
eximexim
eximexim
eximexim
eximexim
eximexim
eximexim
eximexim
eximexim
eximexim
eximexim
eximexim
eximexim
eximexim
eximexim
eximexim
eximexim
eximexim
eximexim
eximexim
eximexim
eximexim

CVSS provenance

nvdv2.04.4MEDIUMAV:L/AC:M/Au:N/C:P/I:P/A:P
osv4.4MEDIUM
vendor_debian4.4LOW
vendor_redhat4.4MEDIUM
vendor_ubuntu4.4MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.