The maintainers of the Exim mail transfer agent (MTA) have fixed a critical vulnerability (CVE-2024-39929) that currently affects around 1.5 million public-facing servers and can help attackers deliver malware to users. About CVE-2024-39929 The vulnerability stems from a bug in RFC 2231 header parsing, and may allow remote attackers to bypass protection measures and deliver executable attachments directly to end-users’ mailboxes.
Source: Help Net Security