⚠ Exploited in the wild
Exploitation observed in the wild. Not yet on CISA KEV.

CVE-2019-15846Classic Buffer Overflow in Exim

CWE-120Classic Buffer OverflowCWE-787Out-of-bounds WriteCWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-131Incorrect Calculation of Buffer Size23 documents11 sources
Severity
9.8CRITICALNVD
EPSS
64.0%
top 1.56%
CISA KEV
Not in KEV
Exploit
Exploited in wild
Active exploitation observed
Affected products
4
EximCanonical Ubuntu LinuxDebian Linux+1 more
Timeline
PublishedSep 27
Latest updateMay 24

Description

Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

NVDexim/exim4.924.92.2+1

Also affects: Debian Linux 10.0, 8.0, 9.0, Fedora 29, 30, 31, Ubuntu Linux 19.04

Patches

Patch: bugs.exim.orgPatch: git.exim.orgPatch: bugs.exim.org

🔴Vulnerability Details

7
GHSA
GHSA-f368-8x8g-4m4v: Exim before 42022-05-24
GHSA
GHSA-xg2f-gj2p-r7xq: Exim 42022-05-24
OSV
CVE-2019-16928: Exim 42019-09-27
CVEList
CVE-2019-16928: Exim 42019-09-27
OSV
CVE-2019-15846: Exim before 42019-09-06

🔍Detection Rules

2
Suricata
ET EXPLOIT Possible EXIM RCE Inbound (CVE-2019-15846) M22019-09-06
Suricata
ET EXPLOIT Possible EXIM RCE Inbound (CVE-2019-15846)2019-09-06

📋Vendor Advisories

6
Red Hat
exim: remotely triggerable buffer overflow in string_vformat()2019-09-27
Ubuntu
Exim vulnerability2019-09-16
Red Hat
exim: out-of-bounds access in string_interpret_escape() leading to buffer overflow in the SMTP delivery process2019-09-06
Ubuntu
Exim vulnerability2019-09-06
Debian
CVE-2019-15846: exim4 - Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via...2019

🕵️Threat Intelligence

3
Tenable
How COVID-19 Response Is Expanding the Cyberattack Surface2020-03-30
Tenable
CVE-2019-16928: Critical Buffer Overflow Flaw in Exim is Remotely Exploitable2019-09-30
Tenable
CVE-2019-15846: Unauthenticated Remote Command Execution Flaw Disclosed for Exim2019-09-06

💬Community

3
Bugzilla
CVE-2019-15846 exim: out-of-bounds access in string_interpret_escape() leading to buffer overflow in the SMTP delivery process [fedora-all]2019-09-06
Bugzilla
CVE-2019-15846 exim: out-of-bounds access in string_interpret_escape() leading to buffer overflow in the SMTP delivery process [epel-all]2019-09-06
Bugzilla
CVE-2019-15846 exim: out-of-bounds access in string_interpret_escape() leading to buffer overflow in the SMTP delivery process2019-09-03