Exim: RCE using a heap-based buffer overflow (CVE-2019-16928)
There is a heap-based buffer overflow in string_vformat (string.c). The currently known exploit uses a extraordinary long EHLO string to crash the Exim process that is receiving the message. While at this mode of operation Exim already dropped its privileges, other paths to reach the vulnerable code may exist.
All versions from (and including) 4.92 up to (and including) 4.92.2 are vulnerable.
References:
Patch:
https://git.exim.org/exim.git/patch/478effbfd9c3cc5a627fc671d4bf94d13670d65f