[exim-dev] [Bug 2449] Heap Overflow

Top Page

Reply to this message
Author: admin
To: exim-dev
Subject: [exim-dev] [Bug 2449] Heap Overflow

--- Comment #5 from Heiko Schlittermann <hs@???> ---
(In reply to areuu from comment #4)
> Please credit my team QAX A-TEAM.

The statement in the source will start as shown below.

CVE ID:     CVE-2019-16928
Date:       2019-09-27 (CVE assigned)
Version(s): from 4.92 up to and including 4.92.2
Reporter:   QAX-A-TEAM <areuu@???>
Reference:  https://bugs.exim.org/show_bug.cgi?id=2449
Issue:      Heap-based buffer overflow in string_vformat,
            remote code execution seems to be possible

You are receiving this mail because:
You are on the CC list for the bug.