Описание
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
Ссылки
- ExploitMailing ListMitigationThird Party Advisory
- ExploitMailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Issue TrackingPatchVendor Advisory
- Patch
- Vendor Advisory
- Release Notes
- Release Notes
- Release Notes
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- ExploitMailing ListMitigationThird Party Advisory
- ExploitMailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Issue TrackingPatchVendor Advisory
- Patch
Уязвимые конфигурации
Одно из
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
Связанные уязвимости
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
Exim 4.92 through 4.92.2 allows remote code execution, a different vul ...
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
Уязвимость компонента string_vformat (string.c) почтового сервера Exim, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2