Security Advisory

CVE-2019-19920

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-12-22 17:07:31

Last updated 2024-08-05 02:32:10

Assigner mitre

State PUBLISHED

Description

sa-exim 4.2.1 allows attackers to execute arbitrary code if they can write a .cf file or a rule. This occurs because Greylisting.pm relies on eval (rather than direct parsing and/or use of the taint feature). This issue is similar to CVE-2018-11805.

← Browse all CVEs View on cve.org ↗