We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-39929



Description

Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users.

Reserved 2024-07-04 | Published 2024-07-04 | Updated 2025-03-18 | Assigner mitre

References

git.exim.org/...mit/6ce5c70cff8989418e05d01fd2a57703007a6357

git.exim.org/...mit/1b3209b0577a9327ebb076f3b32b8a159c253f7b

github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3

www.rfc-editor.org/rfc/rfc2231.txt

bugs.exim.org/show_bug.cgi?id=3099

cve.org (CVE-2024-39929)

nvd.nist.gov (CVE-2024-39929)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2024-39929

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.