Vulnerability in N/a
CVE-2019-15846
Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.
EPSS: 0.654 (98.5th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
Public proof-of-concept exploits
References
- exim.org/static/doc/security/CVE-2019-15846.txt (x_refsource_MISC)
- www.openwall.com/lists/oss-security/2019/09/06/1 (x_refsource_MISC)
- [debian-lts-announce] 20190906 [SECURITY] [DLA 1911-1] exim4 security update (mailing-list, x_refsource_MLIST)
- 20190906 [SECURITY] [DSA 4517-1] exim4 security update (mailing-list, x_refsource_BUGTRAQ)
- [oss-security] 20190906 Re: CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges. (mailing-list, x_refsource_MLIST)
- DSA-4517 (vendor-advisory, x_refsource_DEBIAN)
- USN-4124-1 (vendor-advisory, x_refsource_UBUNTU)
- VU#672565 (third-party-advisory, x_refsource_CERT-VN)
- [oss-security] 20190906 Sv: [exim] CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges (mailing-list, x_refsource_MLIST)
- [oss-security] 20190906 Re: CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges. (mailing-list, x_refsource_MLIST)
Frequently asked questions
- What is CVE-2019-15846?
- CVE-2019-15846 is a vulnerability in N/a. Published 2019-09-06.
- Is CVE-2019-15846 known to be exploited?
- 12 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.