11 matches found
CVE-2019-19920
sa-exim 4.2.1 allows attackers to execute arbitrary code if they can write a .cf file or a rule. This occurs because Greylisting.pm relies on eval rather than direct parsing and/or use of the taint feature. This issue is similar to CVE-2018-11805...
CVE-2019-19920
creationtimestamp| type| source ---|---|--- 2024-03-16 13:16:27+00:00| seen| https://t.me/ctinow/209523...
USN-4520-1: Exim SpamAssassin vulnerability
It was discovered that Exim SpamAssassin does not properly handle configuration strings. An attacker could possibly use this issue to execute arbitrary code. CVE-2019-19920...
USN-4520-1 sa-exim vulnerability
It was discovered that Exim SpamAssassin does not properly handle configuration strings. An attacker could possibly use this issue to execute arbitrary code. CVE-2019-19920...
Ubuntu 16.04 LTS : Exim SpamAssassin vulnerability (USN-4520-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4520-1 advisory. It was discovered that Exim SpamAssassin does not properly handle configuration strings. An attacker could possibly use this issue to execute arbitrary code...
CVE-2019-19920
sa-exim 4.2.1 allows attackers to execute arbitrary code if they can write a .cf file or a rule. This occurs because Greylisting.pm relies on eval rather than direct parsing and/or use of the taint feature. This issue is similar to CVE-2018-11805...
CVE-2019-19920
sa-exim 4.2.1 allows attackers to execute arbitrary code if they can write a .cf file or a rule. This occurs because Greylisting.pm relies on eval rather than direct parsing and/or use of the taint feature. This issue is similar to CVE-2018-11805...
CVE-2019-19920
sa-exim 4.2.1 allows attackers to execute arbitrary code if they can write a .cf file or a rule. This occurs because Greylisting.pm relies on eval rather than direct parsing and/or use of the taint feature. This issue is similar to CVE-2018-11805...
CVE-2019-19920
sa-exim 4.2.1 allows attackers to execute arbitrary code if they can write a .cf file or a rule. This occurs because Greylisting.pm relies on eval rather than direct parsing and/or use of the taint feature. This issue is similar to CVE-2018-11805...
CVE-2019-19920
CVE-2019-19920 affects sa-exim 4.2.1: attackers who can write a .cf file or rule can trigger arbitrary code execution due to Greylisting.pm using eval. This is related to, and similar in behavior to, CVE-2018-11805. Documented impact is remote code execution with the required access to customize ...
CVE-2019-19920
sa-exim 4.2.1 allows attackers to execute arbitrary code if they can write a .cf file or a rule. This occurs because Greylisting.pm relies on eval rather than direct parsing and/or use of the taint feature. This issue is similar to CVE-2018-11805...