[SingCERT] Critical Vulnerability CVE-2019-16928 in Exim Mail Server

Published on 01 Oct 2019

Updated on 07 Jan 2020


A critical vulnerability (CVE-2019-16928) was discovered in Exim, an open-source message transfer agent (MTA) that is widely deployed on Internet-facing Unix-like systems.

The flaw is a heap-based buffer overflow in Exim's string formatting routine (string_vformat in string.c): when the routine is asked to format a string that is too long, the receiving Exim process crashes. A local or remote attacker can trigger it and cause a Denial of Service (DoS) condition by sending an Extended HELO (EHLO) command with an extraordinarily long argument. EHLO is the SMTP command with which a client identifies itself at the start of a session, before any mail is transferred, so the vulnerable code is reachable by any host that can connect to the SMTP port without authentication. In the known trigger the receiving process has already dropped its privileges, but other paths to the vulnerable function may exist.
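The following is an added example, not code from the SingCERT advisory or from the Exim project. It shows a simple check an operator can run over captured SMTP client traffic (a pcap export or a logged session) to flag EHLO/HELO commands whose argument is far larger than a legitimate client would send. The thresholds are assumed from RFC 5321 section 4.5.3.1 (domain at most 255 octets, command line at most 512 octets including CRLF); the sample session is constructed.

```python
"""Flag SMTP EHLO/HELO commands whose argument exceeds the RFC 5321 limits.

Added example, not part of the SingCERT advisory or the Exim project.
Thresholds are taken from RFC 5321 section 4.5.3.1: a domain is at most
255 octets and a command line at most 512 octets including the CRLF.
"""
import re

MAX_DOMAIN = 255          # RFC 5321 4.5.3.1.2
MAX_COMMAND_LINE = 512    # RFC 5321 4.5.3.1.4, including the trailing CRLF

# Matches the greeting command and captures its argument (if any).
_GREETING = re.compile(rb"^(EHLO|HELO)(?:[ \t]+(.*))?$", re.IGNORECASE)


def check_greeting_lines(session: bytes):
    """Return a list of findings for client lines in a raw SMTP session.

    Each finding is a dict with the command, the argument length, the full
    command-line length (CRLF included) and the limit that was exceeded.
    Lines are split on LF and a trailing CR is stripped, so both CRLF
    captures and hand-typed transcripts with bare LF are handled.
    """
    findings = []
    for raw in session.split(b"\n"):
        line = raw.rstrip(b"\r")
        m = _GREETING.match(line)
        if not m:
            continue
        arg = m.group(2) or b""
        line_len = len(line) + 2          # count the CRLF the client sends
        if len(arg) > MAX_DOMAIN or line_len > MAX_COMMAND_LINE:
            findings.append({
                "command": m.group(1).upper().decode(),
                "arg_len": len(arg),
                "line_len": line_len,
                "limit": "domain" if len(arg) > MAX_DOMAIN else "command-line",
            })
    return findings


# Constructed sample session: a normal greeting, some ordinary commands,
# then a greeting whose argument is far beyond anything a real client sends.
SAMPLE_SESSION = (
    b"EHLO mail.example.net\r\n"
    b"MAIL FROM:<alice@example.net>\r\n"
    b"RSET\r\n"
    b"ehlo " + b"A" * 4096 + b"\r\n"
    b"QUIT\r\n"
)

if __name__ == "__main__":
    for f in check_greeting_lines(SAMPLE_SESSION):
        print(f"{f['command']}: argument {f['arg_len']} octets, "
              f"line {f['line_len']} octets, exceeds {f['limit']} limit")
```

A legitimate client never needs a greeting argument anywhere near these limits, so a hit is a strong signal of probing; the check is deliberately independent of the Exim version, because it is useful both for spotting attempts against unpatched hosts and for confirming that nothing reached a patched one.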

Affected Products

All Exim versions from 4.92 up to and including 4.92.2 are vulnerable. Releases before 4.92 are not affected, and 4.92.3 contains the fix.


Successful exploitation could allow a remote attacker to crash the receiving Exim process or, because the flaw is a heap overflow, potentially execute arbitrary code on the targeted mail server.


System administrators running Exim are advised to update to version 4.92.3 immediately. Where a distribution backports the fix without changing the version that Exim reports, consult that distribution's own advisory to confirm the installed package is patched.
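The following is an added example, not code from the SingCERT advisory or from the Exim project. It turns the affected range stated above (4.92 up to and including 4.92.2, fixed in 4.92.3) into a check that can be run across a fleet: it parses the first line of `exim -bV` output, which is assumed to begin with "Exim version <version>", and reports whether that build falls inside the vulnerable range. The sample output is constructed.

```python
"""Decide whether an Exim build is inside the CVE-2019-16928 affected range.

Added example, not from the SingCERT advisory or the Exim project. The
first line of `exim -bV` output is assumed to start with
"Exim version <version>"; the range comes from the advisory text:
4.92 up to and including 4.92.2 is vulnerable, 4.92.3 is the first fix.
"""
import re
import subprocess

VULN_LOW = (4, 92)       # first affected release
FIXED = (4, 92, 3)       # first fixed release
_VERSION_RE = re.compile(r"^Exim version (\d+(?:\.\d+)*)", re.MULTILINE)


def parse_version(text):
    """Return the version as a tuple of ints, or None if no version line is found."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    return tuple(int(p) for p in m.group(1).split("."))


def is_affected(version):
    """True when 4.92 <= version < 4.92.3.

    Python compares tuples element-wise, so (4, 92) sorts below (4, 92, 0)
    and (4, 92, 2) sorts below (4, 92, 3), which is exactly the range wanted.
    """
    return VULN_LOW <= version < FIXED


def check_local_exim():
    """Run `exim -bV` on this host and return (version, affected), or None if
    Exim is not installed. A distribution may backport the fix without
    changing the reported version, so a True result means "check the
    distribution advisory", not "definitely exploitable"."""
    try:
        out = subprocess.run(["exim", "-bV"], capture_output=True,
                             text=True, check=False).stdout
    except FileNotFoundError:
        return None
    version = parse_version(out)
    if version is None:
        return None
    return version, is_affected(version)


# Constructed sample of `exim -bV` output for a vulnerable build.
SAMPLE_OUTPUT = """Exim version 4.92.2 #3 built 28-Sep-2019 10:15:42
Configuration file is /etc/exim/exim.conf
"""

if __name__ == "__main__":
    v = parse_version(SAMPLE_OUTPUT)
    print("sample build", ".".join(map(str, v)),
          "affected" if is_affected(v) else "not affected")
    local = check_local_exim()
    if local is None:
        print("exim not found on this host")
    else:
        print("local build", ".".join(map(str, local[0])),
              "affected" if local[1] else "not affected")
```

Tuple comparison keeps the range check free of string tricks such as comparing "4.92.10" against "4.92.3" lexically; the one caveat, repeated in the code, is that a version inside the range is only evidence that the package needs attention, since distributions sometimes patch in place without bumping the number Exim reports.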