CVE-2018-16530 - Out-of-bounds Write vulnerability in Forcepoint Email Security 8.5.0/8.5.3

047910
CVSS 9.8 - CRITICAL
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
Tags: network, low complexity, forcepoint, CWE-787, critical

Summary

A stack-based buffer overflow in Forcepoint Email Security version 8.5 allows an attacker to craft malicious input and potentially crash a process, causing a denial of service. While no known Remote Code Execution (RCE) vulnerabilities exist, as with all buffer overflows, the possibility of RCE cannot be completely ruled out. Data Execution Protection (DEP) is already enabled on the Email appliance as a risk mitigation.

Vulnerable Configurations

Part         Description  Count
Application  Forcepoint   2

Common Weakness Enumeration (CWE)