CVE-2018-16530

Name of the Vulnerable Software and Affected Versions Forcepoint Email Security version 8.5

Description A stack-based buffer overflow allows an attacker to craft malicious input, potentially crashing a process and creating a denial-of-service. Although no known Remote Code Execution (RCE) vulnerabilities exist, the possibility of RCE cannot be completely ruled out. Data Execution Protection (DEP) is enabled on the Email appliance as a risk mitigation.

Recommendations For Forcepoint Email Security version 8.5, consider applying configuration changes to mitigate the risk of exploitation, such as enabling additional security features to prevent malicious input. As a temporary workaround, restrict access to potentially vulnerable components until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.