Описание
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present |
| devel | released | 4.92.1-1ubuntu3 |
| disco | released | 4.92-4ubuntu1.4 |
| esm-infra-legacy/trusty | not-affected | code not present |
| esm-infra/bionic | not-affected | code not present |
| esm-infra/xenial | not-affected | code not present |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | not-affected | code not present |
| upstream | needs-triage |
Показывать по
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
Exim 4.92 through 4.92.2 allows remote code execution, a different vul ...
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
Уязвимость компонента string_vformat (string.c) почтового сервера Exim, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
7.5 High
CVSS2
9.8 Critical
CVSS3