CVE-2010-4344

Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session. Vendor/Product: Exim Exim. Added to CISA KEV 2022-03-25; required action: Apply updates per vendor instructions.