Overview :
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
Affected Product(s) :
  • Exim 4.92 through 4.92.2
Vulnerability Details :
CVE ID : CVE-2019-16928
Heap-based buffer overflow in string_vformat, remote code execution seems to be possible

Solution :

** Exim 4.92.3 released (security release) **