Skip to main content
CVE-2017-16943 CRITICAL POC PATCH THREAT Act Now

The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 76.9%.

Denial Of Service Memory Corruption Use After Free RCE Exim +1
NVD GitHub
CVSS 3.0
9.8
EPSS
76.9%
Threat
5.8

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy