8 matches found
Exim Mail Transfer Agent (MTA) Improper Input Validation
Improper validation of recipient address in delivermessage function in /src/deliver.c may lead to remote command execution...
VulnCheck KEV: CVE-2019-10149
Improper validation of recipient address in delivermessage function in /src/deliver.c may lead to remote command execution...
The vulnerability of the deliver_message() function (/src/deliver.c) in the Exim mail server allows a hacker to execute arbitrary code.
The vulnerability of the delivermessage function /src/deliver.c in the Exim mail server is related to insufficient validation of input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
FreeBSD : Exim -- RCE in deliver_message() function (45bea6b5-8855-11e9-8d41-97657151f8c2)
Exim team and Qualys report : We received a report of a possible remote exploit. Currently there is no evidence of an active use of this exploit. A patch exists already, is being tested, and backported to all versions we released since and including 4.87. The severity depends on your configuratio...
Exim 4.87 - 4.91 RCE Vulnerability
Exim is prone to an unauthenticated remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
DEBIAN-CVE-2019-10149
A flaw was found in Exim versions 4.87 to 4.91 inclusive. Improper validation of recipient address in delivermessage function in /src/deliver.c may lead to remote command execution...
UBUNTU-CVE-2019-10149
A flaw was found in Exim versions 4.87 to 4.91 inclusive. Improper validation of recipient address in delivermessage function in /src/deliver.c may lead to remote command execution...
Exim -- RCE in deliver_message() function
Exim team and Qualys report: We received a report of a possible remote exploit. Currently there is no evidence of an active use of this exploit. A patch exists already, is being tested, and backported to all versions we released since and including 4.87. The severity depends on your configuration...