CyberSec.Space Logo
返回 CVE 浏览器

CVE-2018-16530

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1860%
EPSS Percentile35.32th
Published2019年4月9日
Last Modified2024年11月21日

Vulnerability Description

A stack-based buffer overflow in Forcepoint Email Security version 8.5 allows an attacker to craft malicious input and potentially crash a process creating a denial-of-service. While no known Remote Code Execution (RCE) vulnerabilities exist, as with all buffer overflows, the possibility of RCE cannot be completely ruled out. Data Execution Protection (DEP) is already enabled on the Email appliance as a risk mitigation.

Affected Platforms (CPE)

📦
Forcepoint

Email Security

= 8.5.0
📦
Forcepoint

Email Security

= 8.5.3

References & Advisories

🔗 https://help.forcepoint.com/security/CVE/CVE-2018-16530.html
🔗 https://support.forcepoint.com/KBArticle?id=000016621
🔗 https://help.forcepoint.com/security/CVE/CVE-2018-16530.html
🔗 https://support.forcepoint.com/KBArticle?id=000016621

相关漏洞威胁

CVE-2017-234310.0

The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to ...

CVE-2002-136110.0

overflow.cgi CGI script in Sun Cobalt RaQ 4 with the SHP (Security Hardening Patch) installed allows remote attackers to execute a...

CVE-2018-165299.8

A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The password reset URL can be used after th...

CVE-2019-61409.8

A configuration issue has been discovered in Forcepoint Email Security 8.4.x and 8.5.x: the product is left in a vulnerable state ...