Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2019-16928

Description

Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.

POC

Reference

No PoCs from references.

Github

- https://github.com/20142995/nuclei-templates

- https://github.com/ARPSyndicate/cvemon

- https://github.com/Farrhouq/Inpt-report

- https://github.com/Ostorlab/KEV

- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors

- https://github.com/area1/exim-cve-2019-10149-data

- https://github.com/cloudflare/exim-cve-2019-10149-data

- https://github.com/cyb3r-w0lf/nuclei-template-collection

- https://github.com/krlabs/eximsmtp-vulnerabilities

- https://github.com/q40603/Continuous-Invivo-Fuzz