Exim security update - CVE-2019-16928
NAME
Exim – Exim
- Platforms Affected: Exim
- Risk Level: medium
- CVE Type: Buffer overflow
DESCRIPTION
CVE-2019-16928 is a buffer overflow vulnerability impacting Exim versions 4.92 through 4.92.2. A proof of concept (PoC) was observed in open source. Security researchers at the Cybersecurity and Infrastructure Security Agency (CISA) claimed the vulnerability was actively exploited in the wild.
CVSS Information:
- CVSS 2.0 SCORE: 7.5
- CVSS 3.0 SCORE: 9.8
- Exploit Disclosed in the Public: true
- Exploit Weaponised: true
- PoC Link: hXXps://bugs[.]exim[.]org/show_bug[.]cgi?id=2449
MITIGATION
The vendor addressed the vulnerability in a security update with an updated version.
- Reference Link: https://git.exim.org/exim.git/commit/478effbfd9c3cc5a627fc671d4bf94d13670d65f
- Patch Available: available