cve-2019-10149 vulnerabilities and exploits

7.5
CVSSv2
CVE-2019-10149

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution....

Exim
9
CVSSv2
CVE-2019-9486

STRATO HiDrive Desktop Client 5.0.1.0 for Windows suffers from a SYSTEM privilege escalation vulnerability through the HiDriveMaintenanceService service. This service establishes a NetNamedPipe endpoint that allows applications to connect and call publicly exposed methods. An...

7.5
CVSSv2
CVE-2019-16928

Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command....

9.3
CVSSv2
CVE-2017-11882

Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka...

MicrosoftOffice
10
CVSSv2
CVE-2019-15846

Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash....

EximDebianDebian Linux
10
CVSSv2
CVE-2019-13917

Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain)....

EximDebianDebian Linux
10
CVSSv2
CVE-1999-0095

The debug command in Sendmail is enabled, allowing attackers to execute commands as root....

Eric AllmanSendmail
7.2
CVSSv2
CVE-1999-0145

Sendmail WIZ command enabled, allowing root access....

7.2
CVSSv2
CVE-2004-0360

Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local users to gain privileges via unknown attack vectors....

SunSolarisSunos
5
CVSSv2
CVE-2005-2428

Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores sensitive data from names.nsf in hidden form fields, which allows remote attackers to read the HTML source to obtain sensitive information such as (1) the password hash in the...

IbmLotus Domino