CVE-2019-16928
published 2019-09-27CVE-2019-16928: Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat…
PriorityP185critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2022-03-17
Exploited in the wild
EPSS
42.48%
98.5th percentile
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | exim4 | < exim4 4.92.2-3 (bookworm) | exim4 4.92.2-3 (bookworm) |
| exim | exim | 4.92 – 4.92.2 | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Trend Micro Deep Discovery Inspector rule for detecting CVE-2019-16928 exploit attempts over SMTP ↗
- →Trend Micro Deep Security Deep Packet Inspection rule for CVE-2019-16928 ↗
- →Trend Micro TippingPoint MainlineDV filter for CVE-2019-16928 SMTP buffer overflow ↗
- →The vulnerability is triggered via an oversized EHLO string sent to the Exim SMTP listener; monitor for abnormally long EHLO commands in SMTP traffic ↗
- →A proof-of-concept exploit is publicly available (shipped with the patch) that causes a DoS condition; expect active scanning of Exim SMTP services ↗
- ·No authentication is required to exploit this vulnerability; the attacker only needs network access to the SMTP port ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv9.8CRITICAL
vulncheck9.8CRITICAL
cisa9.8CRITICAL
vendor_debian9.8CRITICAL
vendor_redhat9.8CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-xg2f-gj2p-r7xq: Exim 4
ghsa_unreviewed·2022-05-24·CVSS 9.8
CVE-2019-16928 [CRITICAL] CWE-120 GHSA-xg2f-gj2p-r7xq: Exim 4
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
OSV
CVE-2019-16928: Exim 4
osv·2019-09-27·CVSS 9.8
CVE-2019-16928 [CRITICAL] CVE-2019-16928: Exim 4
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
VulnCheck
Exim Out-of-bounds Write Vulnerability
vulncheck·2019·CVSS 9.8
CVE-2019-16928 [CRITICAL] CWE-787 Exim Out-of-bounds Write Vulnerability
Exim Out-of-bounds Write Vulnerability
Exim contains an out-of-bounds write vulnerability which can allow for remote code execution.
Affected: Exim Exim
Required Action: Apply updates per vendor instructions.
Exploitation References: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
Remediation Due: 2022-03-17
CISA
Exim Out-of-bounds Write Vulnerability
cisa·2022-03-03·CVSS 9.8
CVE-2019-16928 [CRITICAL] CWE-787 Exim Out-of-bounds Write Vulnerability
Vulnerability: Exim Out-of-bounds Write Vulnerability
Affected: Exim Exim Internet Mailer
Exim contains an out-of-bounds write vulnerability which can allow for remote code execution.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2019-16928
Remediation Due Date: 2022-03-17
Ubuntu
Exim vulnerability
vendor_ubuntu·2019-09-28
CVE-2019-16928 Exim vulnerability
Title: Exim vulnerability
Summary: Exim could be made to crash or run programs if it received specially
crafted network traffic.
It was discovered that Exim incorrectly handled certain string operations.
A remote attacker could use this issue to cause Exim to crash, resulting in
a denial of service, or possibly execute arbitrary code.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
exim: remotely triggerable buffer overflow in string_vformat()
vendor_redhat·2019-09-27·CVSS 9.8
CVE-2019-16928 [CRITICAL] CWE-131 exim: remotely triggerable buffer overflow in string_vformat()
exim: remotely triggerable buffer overflow in string_vformat()
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
A heap-based buffer overflow flaw was found in Exim. The overflow can be triggered via specially crafted SMTP-protocol EHLO message, which may lead to unauthenticated remote code execution. It is thought that the execution of the remote code would be at the exim user level although execution as the root user cannot be ruled out.
Statement: This issue did not affect Red Hat Enterprise Linux 5 as the exim package did not contain the vulnerable code in any of our supported products.
Package: exim (Red Hat Enterprise Linux 5) - No
Debian
CVE-2019-16928: exim4 - Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability...
vendor_debian·2019·CVSS 9.8
CVE-2019-16928 [CRITICAL] CVE-2019-16928: exim4 - Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability...
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
Scope: local
bookworm: resolved (fixed in 4.92.2-3)
bullseye: resolved (fixed in 4.92.2-3)
forky: resolved (fixed in 4.92.2-3)
sid: resolved (fixed in 4.92.2-3)
trixie: resolved (fixed in 4.92.2-3)
Suricata
ET EXPLOIT Possible EXIM DoS (CVE-2019-16928)
suricata·2019-09-30·CVSS 9.8
CVE-2019-16928 [CRITICAL] ET EXPLOIT Possible EXIM DoS (CVE-2019-16928)
ET EXPLOIT Possible EXIM DoS (CVE-2019-16928)
Rule: alert smtp any any -> $SMTP_SERVERS any (msg:"ET EXPLOIT Possible EXIM DoS (CVE-2019-16928)"; flow:established,to_server; content:"EHLO "; depth:5; isdataat:5000,relative; content:!"|0a|"; within:500; reference:cve,2019-16928; reference:url,bugs.exim.org/show_bug.cgi?id=2449; reference:url,git.exim.org/exim.git/patch/478effbfd9c3cc5a627fc671d4bf94d13670d65f; classtype:attempted-admin; sid:2028636; rev:3; metadata:attack_target SMTP_Server, created_at 2019_09_30, cve CVE_2019_16928, deployment Perimeter, deployment Internal, confidence Medium, signature_severity Critical, tag CISA_KEV, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_10_01;)
No public exploits indexed.
Tenable
How COVID-19 Response Is Expanding the Cyberattack Surface
blogs_tenable·2020-03-30
How COVID-19 Response Is Expanding the Cyberattack Surface
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Trendmicro
Partnership Advances DevSecOps, Cybersecurity Issues
blogs_trendmicro·2019-10-11
Partnership Advances DevSecOps, Cybersecurity Issues
Cyber Threats
# Partnership Advances DevSecOps, Cybersecurity Issues
Learn about how Trend Micro’s partnership with Snyk will advance DevSecOps. Also, read about cyber attacks affecting hospitals in Alabama and Indiana as well as disregarded cybersecurity protocols in Mississippi.
By: Jon Clay
Oct 11, 2019
Read time: ( words)
Save to Folio
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how Trend Micro’s partnership with Snyk will advance DevSecOps. Also, read about cyber attacks affecting hospitals in Alabama and Indiana as well as disregarded cybersecurity protocols in Mississippi.
Read on:
#### Trend Micro Partners with Snyk to Advance DevSecOps
Trend Micro a
Trendmicro
Partnership Advances DevSecOps, Cybersecurity Issues
blogs_trendmicro·2019-10-11
Partnership Advances DevSecOps, Cybersecurity Issues
Cyber Threats
# Partnership Advances DevSecOps, Cybersecurity Issues
Learn about how Trend Micro’s partnership with Snyk will advance DevSecOps. Also, read about cyber attacks affecting hospitals in Alabama and Indiana as well as disregarded cybersecurity protocols in Mississippi.
By: Jon Clay
2019/10/11
Read time: ( words)
Save to Folio
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how Trend Micro’s partnership with Snyk will advance DevSecOps. Also, read about cyber attacks affecting hospitals in Alabama and Indiana as well as disregarded cybersecurity protocols in Mississippi.
Read on:
#### Trend Micro Partners with Snyk to Advance DevSecOps
Trend Micro ann
Trendmicro
CVE-2019-16928: Exim Vuln Exploit via EHLO Strings
blogs_trendmicro·2019-10-10·CVSS 9.8
CVE-2019-16928 [CRITICAL] CVE-2019-16928: Exim Vuln Exploit via EHLO Strings
Exploits & Vulnerabilities
# CVE-2019-16928: Exim Vuln Exploit via EHLO Strings
Researchers found CVE-2019-16928, a vulnerability in mail transfer agent Exim. Exim accounts for over 50% of publicly reachable mail servers online, and threat actors can exploit it for denial of service (DoS) or remote code execution attacks (RCE).
By: Ashish Verma
2019/10/10
Read time: ( words)
Save to Folio
In September, security researchers from the QAX-A-Team discovered the existence of CVE-2019-16928, a vulnerability involving the mail transfer agent Exim. Exim accounts for over 50% of publicly reachable mail servers on the internet. What makes the bug particularly noteworthy is that threat actors could exploit it to perform denial of service (DoS) or possibly even remote code execution attacks (RCE
Trendmicro
CVE-2019-16928: Exim Vuln Exploit via EHLO Strings
blogs_trendmicro·2019-10-10·CVSS 9.8
CVE-2019-16928 [CRITICAL] CVE-2019-16928: Exim Vuln Exploit via EHLO Strings
Ausnutzung von Schwachstellen
## CVE-2019-16928: Exim Vuln Exploit via EHLO Strings
Researchers found CVE-2019-16928, a vulnerability in mail transfer agent Exim. Exim accounts for over 50% of publicly reachable mail servers online, and threat actors can exploit it for denial of service (DoS) or remote code execution attacks (RCE).
By: Ashish Verma Oct 10, 2019 Read time: ( words)
Save to Folio
In September, security researchers from the QAX-A-Team discovered the existence of CVE-2019-16928, a vulnerability involving the mail transfer agent Exim . Exim accounts for over 50% of publicly reachable mail servers on the internet. What makes the bug particularly noteworthy is that threat actors could exploit it to perform denial of service (DoS) or possibly even remote code execution attack
Trendmicro
CVE-2019-16928: Exim Vuln Exploit via EHLO Strings
blogs_trendmicro·2019-10-10·CVSS 9.8
CVE-2019-16928 [CRITICAL] CVE-2019-16928: Exim Vuln Exploit via EHLO Strings
Exploits & Vulnerabilities
## CVE-2019-16928: Exim Vuln Exploit via EHLO Strings
Researchers found CVE-2019-16928, a vulnerability in mail transfer agent Exim. Exim accounts for over 50% of publicly reachable mail servers online, and threat actors can exploit it for denial of service (DoS) or remote code execution attacks (RCE).
By: Ashish Verma 2019/10/10 Read time: ( words)
Save to Folio
In September, security researchers from the QAX-A-Team discovered the existence of CVE-2019-16928, a vulnerability involving the mail transfer agent Exim . Exim accounts for over 50% of publicly reachable mail servers on the internet. What makes the bug particularly noteworthy is that threat actors could exploit it to perform denial of service (DoS) or possibly even remote code execution attacks (RC
Trendmicro
CVE-2019-16928: Exim Vuln Exploit via EHLO Strings
blogs_trendmicro·2019-10-10·CVSS 9.8
CVE-2019-16928 [CRITICAL] CVE-2019-16928: Exim Vuln Exploit via EHLO Strings
Exploits & Vulnerabilities
## CVE-2019-16928: Exim Vuln Exploit via EHLO Strings
Researchers found CVE-2019-16928, a vulnerability in mail transfer agent Exim. Exim accounts for over 50% of publicly reachable mail servers online, and threat actors can exploit it for denial of service (DoS) or remote code execution attacks (RCE).
By: Ashish Verma Oct 10, 2019 Read time: ( words)
Save to Folio
In September, security researchers from the QAX-A-Team discovered the existence of CVE-2019-16928, a vulnerability involving the mail transfer agent Exim . Exim accounts for over 50% of publicly reachable mail servers on the internet. What makes the bug particularly noteworthy is that threat actors could exploit it to perform denial of service (DoS) or possibly even remote code execution attacks (
Trendmicro
CVE-2019-16928: Exim Vuln Exploit via EHLO Strings
blogs_trendmicro·2019-10-10·CVSS 9.8
CVE-2019-16928 [CRITICAL] CVE-2019-16928: Exim Vuln Exploit via EHLO Strings
Exploits & Vulnerabilities
# CVE-2019-16928: Exim Vuln Exploit via EHLO Strings
Researchers found CVE-2019-16928, a vulnerability in mail transfer agent Exim. Exim accounts for over 50% of publicly reachable mail servers online, and threat actors can exploit it for denial of service (DoS) or remote code execution attacks (RCE).
By: Ashish Verma
Oct 10, 2019
Read time: ( words)
Save to Folio
In September, security researchers from the QAX-A-Team discovered the existence of CVE-2019-16928, a vulnerability involving the mail transfer agent Exim. Exim accounts for over 50% of publicly reachable mail servers on the internet. What makes the bug particularly noteworthy is that threat actors could exploit it to perform denial of service (DoS) or possibly even remote code execution attacks (R
Trendmicro
CVE-2019-16928: Exim Vuln Exploit via EHLO Strings
blogs_trendmicro·2019-10-10·CVSS 9.8
CVE-2019-16928 [CRITICAL] CVE-2019-16928: Exim Vuln Exploit via EHLO Strings
Sfruttamento vulnerabilità
## CVE-2019-16928: Exim Vuln Exploit via EHLO Strings
Researchers found CVE-2019-16928, a vulnerability in mail transfer agent Exim. Exim accounts for over 50% of publicly reachable mail servers online, and threat actors can exploit it for denial of service (DoS) or remote code execution attacks (RCE).
By: Ashish Verma Oct 10, 2019 Read time: ( words)
Save to Folio
In September, security researchers from the QAX-A-Team discovered the existence of CVE-2019-16928, a vulnerability involving the mail transfer agent Exim . Exim accounts for over 50% of publicly reachable mail servers on the internet. What makes the bug particularly noteworthy is that threat actors could exploit it to perform denial of service (DoS) or possibly even remote code execution attacks (
Trendmicro
CVE-2019-16928: Exim Vuln Exploit via EHLO Strings
blogs_trendmicro·2019-10-10·CVSS 9.8
CVE-2019-16928 [CRITICAL] CVE-2019-16928: Exim Vuln Exploit via EHLO Strings
Exploits y vulnerabilidades
## CVE-2019-16928: Exim Vuln Exploit via EHLO Strings
Researchers found CVE-2019-16928, a vulnerability in mail transfer agent Exim. Exim accounts for over 50% of publicly reachable mail servers online, and threat actors can exploit it for denial of service (DoS) or remote code execution attacks (RCE).
By: Ashish Verma Oct 10, 2019 Read time: ( words)
Save to Folio
In September, security researchers from the QAX-A-Team discovered the existence of CVE-2019-16928, a vulnerability involving the mail transfer agent Exim . Exim accounts for over 50% of publicly reachable mail servers on the internet. What makes the bug particularly noteworthy is that threat actors could exploit it to perform denial of service (DoS) or possibly even remote code execution attacks
Trendmicro
Android GIF Hacks; Hospital Network Vulnerabilities
blogs_trendmicro·2019-10-04
Android GIF Hacks; Hospital Network Vulnerabilities
Cyber Crime
# Android GIF Hacks; Hospital Network Vulnerabilities
Learn how smart home devices can be easily hacked and 11 vulnerabilities that could affect medical devices and hospital networks and why AI could be vital to your security future and a massive Zynga breach affecting more than 200 million players.
By: Jon Clay
Oct 04, 2019
Read time: ( words)
Save to Folio
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how smart home devices can be easily hacked and 11 vulnerabilities that could affect medical devices and hospital networks. Also, read about why AI could be vital to your security future and a massive Zynga breach affecting more than 200 million player
Trendmicro
Android GIF Hacks; Hospital Network Vulnerabilities
blogs_trendmicro·2019-10-04
Android GIF Hacks; Hospital Network Vulnerabilities
Cyber Crime
# Android GIF Hacks; Hospital Network Vulnerabilities
Learn how smart home devices can be easily hacked and 11 vulnerabilities that could affect medical devices and hospital networks and why AI could be vital to your security future and a massive Zynga breach affecting more than 200 million players.
By: Jon Clay
2019/10/04
Read time: ( words)
Save to Folio
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how smart home devices can be easily hacked and 11 vulnerabilities that could affect medical devices and hospital networks. Also, read about why AI could be vital to your security future and a massive Zynga breach affecting more than 200 million players.
Checkpoint
2nd October – Threat Intelligence Bulletin
blogs_checkpoint·2019-10-02·CVSS 9.8
CVE-2019-16759 [CRITICAL] 2nd October – Threat Intelligence Bulletin
Latest Publications
CPR Podcast Channel
AI Research
Web 3.0 Security
Intelligence Reports
ThreatCloud AI
Threat Intelligence & Research
Zero Day Protection
Sandblast File Analysis
About Us
SUBSCRIBE
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
## 2nd October – Threat Intelligence Bulletin
For the latest discoveries in cyber research for the week of 2nd October 2019, please download our Threat Intelligence Bulletin
TOP ATTACKS AND BREACHES
Check Point researchers have identified a targeted and extensive attack against East Asian government entities over the span of 7 months. The attackers, which apparently are members of the Chinese Rancor threat group, used spear-phishing to reach their victims, pretending to send emails from other government offices.
Tenable
CVE-2019-16928: Critical Buffer Overflow Flaw in Exim is Remotely Exploitable
blogs_tenable·2019-09-30·CVSS 9.8
[CRITICAL] CVE-2019-16928: Critical Buffer Overflow Flaw in Exim is Remotely Exploitable
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Bugzilla
CVE-2019-16928 exim: remotely triggerable buffer overflow in string_vformat() [fedora-all]
bugzilla·2019-09-30·CVSS 9.8
CVE-2019-16928 [CRITICAL] CVE-2019-16928 exim: remotely triggerable buffer overflow in string_vformat() [fedora-all]
CVE-2019-16928 exim: remotely triggerable buffer overflow in string_vformat() [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple suppo
Bugzilla
CVE-2019-16928 exim: remotely triggerable buffer overflow in string_vformat() [epel-all]
bugzilla·2019-09-30·CVSS 9.8
CVE-2019-16928 [CRITICAL] CVE-2019-16928 exim: remotely triggerable buffer overflow in string_vformat() [epel-all]
CVE-2019-16928 exim: remotely triggerable buffer overflow in string_vformat() [epel-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported
Bugzilla
CVE-2019-16928 exim: remotely triggerable buffer overflow in string_vformat()
bugzilla·2019-09-30·CVSS 9.8
CVE-2019-16928 [CRITICAL] CVE-2019-16928 exim: remotely triggerable buffer overflow in string_vformat()
CVE-2019-16928 exim: remotely triggerable buffer overflow in string_vformat()
A heap-based buffer overflow flaw was reported in the Exim's internal function string_vformat(). Additionally, it was identified that the overflow can be triggered via specially crafted SMTP protocol EHLO message, which may lead to unauthenticated remote code execution.
Upstream bug report:
https://bugs.exim.org/show_bug.cgi?id=2449
Upstream commit:
https://git.exim.org/exim.git/commitdiff/478effbfd9c3cc5a627fc671d4bf94d13670d65f
The issue was fixed upstream in version 4.92.3.
Discussion:
External References:
https://exim.org/static/doc/security/CVE-2019-16928.txt
---
Created exim tracking bugs for this issue:
Affects: epel-all [bug 1756934]
Affects: fedora-all [bug 1756933]
---
This is flaw was int
http://www.openwall.com/lists/oss-security/2019/09/28/1http://www.openwall.com/lists/oss-security/2019/09/28/2http://www.openwall.com/lists/oss-security/2019/09/28/3http://www.openwall.com/lists/oss-security/2019/09/28/4https://bugs.exim.org/show_bug.cgi?id=2449https://git.exim.org/exim.git/commit/478effbfd9c3cc5a627fc671d4bf94d13670d65fhttps://lists.exim.org/lurker/message/20190927.032457.c1044d4c.en.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EED7HM3MFIBAP5OIMJAFJ35JAJABTVSC/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3TJW4HPYH3O5HZCWGD6NSHTEBTTAPDC/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UY6HPRW7MR3KBQ5JFHH6OXM7YCZBJCOB/https://seclists.org/bugtraq/2019/Sep/60https://security.gentoo.org/glsa/202003-47https://usn.ubuntu.com/4141-1/https://www.debian.org/security/2019/dsa-4536http://www.openwall.com/lists/oss-security/2019/09/28/1http://www.openwall.com/lists/oss-security/2019/09/28/2http://www.openwall.com/lists/oss-security/2019/09/28/3http://www.openwall.com/lists/oss-security/2019/09/28/4https://bugs.exim.org/show_bug.cgi?id=2449https://git.exim.org/exim.git/commit/478effbfd9c3cc5a627fc671d4bf94d13670d65fhttps://lists.exim.org/lurker/message/20190927.032457.c1044d4c.en.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EED7HM3MFIBAP5OIMJAFJ35JAJABTVSC/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3TJW4HPYH3O5HZCWGD6NSHTEBTTAPDC/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UY6HPRW7MR3KBQ5JFHH6OXM7YCZBJCOB/https://seclists.org/bugtraq/2019/Sep/60https://security.gentoo.org/glsa/202003-47https://usn.ubuntu.com/4141-1/https://www.debian.org/security/2019/dsa-4536https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-16928
2019-09-27
Published
2022-03-03
Added to CISA KEV
Exploited in the wild