5 matches found
DEBIAN-CVE-2019-16928
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command...
PT-2019-3615 · Exim +2
Name of the Vulnerable Software and Affected Versions: Exim versions 4.92 through 4.92.2. Description: The issue is related to a heap-based buffer overflow in the string_vformat function in string.c, which can be exploited by sending a long EHLO command, potentially allowing remote code execution...
shopify-scripts: mrb_vformat() heap overflow could lead to code execution
Description: mrb_vformat is responsible to parse string format like 'printf' in C, the code doesn't check the number given between '%' and '$'. mrb_fixnum_to_str is called by join_ary and converts the given number from string into integer, this could lead to overwrite and fully...
exim: remote code execution flaw
Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging...
CVE-2002-1651
CVE-2002-1651 describes a cross-site scripting (XSS) vulnerability in the Verity Search97 product. The issue arises from certain error messages in template pages that use the (1) vformat and (2) vfilter functions, enabling remote attackers to inject arbitrary web content and potentially access se...