Exim security update-CVE-2019-16928

March 14, 2022

NAME

EximExim

  • Platforms Affected:
    Exim

  • Risk Level:
    medium

  • CVE Type:
    Buffer overflow

DESCRIPTION

CVE-2019-16928 is a buffer overflow vulnerability impacting Exim versions 4.92 through 4.92.2. A proof of concept (PoC) was observed in open source. Security researchers at the Cybersecurity and Infrastructure Security Agency (CISA) claimed the vulnerability was actively exploited in the wild.

CVSS Information:

  • CVSS 2.0 SCORE: 7.5
  • CVSS 3.0 SCORE: 9.8

  • Exploit Disclosed in the Public:
    true

  • Exploit Weaponised:
    true

  • PoC Link:
    hXXps://bugs[.]exim[.]org/show_bug[.]cgi?id=2449

MITIGATION

The vendor addressed the vulnerability in a security update with an updated version.

  • Reference Link:
    https://git.exim.org/exim.git/commit/478effbfd9c3cc5a627fc671d4bf94d13670d65f

  • Patch Available:
    available

If you like the site, please consider joining the telegram channel and supporting us on Patreon using the button below.

Digital Patreon Wordmark FieryCoralv2

You may have missed

image

[QILIN] – Ransomware Victim: Zimmerman & Frachtman PA Law Firm

November 22, 2024
image

[QILIN] – Ransomware Victim: Calvert Home Mortgage Investment

November 22, 2024
image

[QILIN] – Ransomware Victim: LBCO Contracting LTD

November 22, 2024
unlock membership

Unveiling Blockchain Security: Safeguarding the Digital Ledger

November 22, 2024
news

A Fifth of UK Enterprises Uncertain About NIS2 Compliance Requirements

November 22, 2024