Security Advisory: Buffer Overflow Vulnerability in Email Security (CVE-2018-16530)

Summary

Details about the buffer overflow vulnerability in Email Security versions 8.5.0 and 8.5.3. Take the actions recommended in this security advisory immediately to mitigate this issue.

Information

Security advisory severity: CVE-2018-16530 – High

CVE number: CVE-2018-16530

Security advisory summary
A stack-based buffer overflow in Email Security allowed an attacker to craft malicious input and potentially crash a process, creating a denial of service. While no known Remote Code Execution (RCE) vulnerabilities exist, as with all buffer overflows, the possibility of RCE cannot be completely ruled out. Data Execution Protection (DEP) is already enabled on the Email appliance as a risk mitigation.

Forcepoint would like to thank Tomasz Bukowski from Bank Millennium for bringing this to our attention and working diligently with our Product Security Incident Response Team (PSIRT) to responsibly disclose this vulnerability in a coordinated manner.

Affected products

  • Forcepoint Email Security (versions 8.5.0 and 8.5.3)

Resolution

Workaround(s)
This vulnerability can be mitigated by enabling Recipient Validation. See the Managing user validation/authentication options section of the Forcepoint Email Security Administrator Help document for more information.
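The two points above (a fixed-size stack buffer overflowed by oversized input, and Recipient Validation as the workaround) are easier to see in code. The following is an added illustration written for this page; it is hypothetical and is not Forcepoint's implementation, and it makes no claim about which field or routine the real overflow was in. The buffer size ADDR_BUF, the function names, and the recipient list are all constructed for the example. The unsafe function is kept only to contrast with the bounded version and is never fed untrusted input here.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical fixed-size stack buffer for an SMTP recipient address.
 * The size is an assumption for this illustration. */
#define ADDR_BUF 64

/* Vulnerable pattern: an untrusted recipient address is copied into a
 * fixed-size stack buffer with no length check. Input longer than
 * ADDR_BUF-1 bytes writes past the buffer; at best the process crashes
 * (denial of service). DEP stops injected code from executing, but it
 * does not prevent the overwrite itself. Shown only for contrast. */
int split_rcpt_unsafe(const char *addr, char *domain, size_t domain_len)
{
    char buf[ADDR_BUF];
    strcpy(buf, addr);                    /* BUG: unbounded copy */
    const char *at = strchr(buf, '@');
    if (at == NULL)
        return -1;
    snprintf(domain, domain_len, "%s", at + 1);
    return 0;
}

/* Hardened form: measure the input against the buffer first, refuse
 * anything that does not fit, then copy with an explicit bound.
 * Returns 0 on success, -1 if malformed, -2 if too long. */
int split_rcpt_safe(const char *addr, char *domain, size_t domain_len)
{
    char buf[ADDR_BUF];
    /* memchr bounded by ADDR_BUF: if no NUL is found, the address is
     * at least ADDR_BUF bytes and cannot fit with its terminator. */
    const char *end = memchr(addr, '\0', ADDR_BUF);
    if (end == NULL)
        return -2;                        /* reject instead of overflowing */
    size_t n = (size_t)(end - addr);
    memcpy(buf, addr, n);
    buf[n] = '\0';
    const char *at = strchr(buf, '@');
    if (at == NULL || at == buf || at[1] == '\0')
        return -1;                        /* malformed: missing local part or domain */
    snprintf(domain, domain_len, "%s", at + 1);
    return 0;
}

/* Recipient Validation, as in the workaround: accept mail only for
 * addresses the directory knows. The list is constructed sample data. */
static const char *const KNOWN_RCPTS[] = {
    "alice@example.com", "bob@example.com", NULL
};

bool recipient_is_valid(const char *addr)
{
    char domain[ADDR_BUF];
    /* Oversized or malformed addresses are rejected before any lookup,
     * so they never reach deeper parsing code. */
    if (split_rcpt_safe(addr, domain, sizeof domain) != 0)
        return false;
    for (size_t i = 0; KNOWN_RCPTS[i] != NULL; i++)
        if (strcmp(KNOWN_RCPTS[i], addr) == 0)
            return true;
    return false;
}

int main(void)
{
    char domain[ADDR_BUF];
    char oversized[256];                  /* constructed oversized input */
    memset(oversized, 'A', sizeof oversized - 1);
    oversized[sizeof oversized - 1] = '\0';
    printf("known address: %d\n", split_rcpt_safe("alice@example.com", domain, sizeof domain));
    printf("oversized address: %d\n", split_rcpt_safe(oversized, domain, sizeof domain));
    printf("unknown recipient accepted: %d\n", recipient_is_valid("mallory@example.com"));
    return 0;
}
```

The ordering matters: the length check runs before any byte is copied, so an oversized address produces a clean error code rather than a crash, and the recipient lookup only ever sees input that already passed that check.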

Hotfix(es) and information about other fixes
 
The following hotfixes are available to resolve this vulnerability:

CVE-2018-16530:
  • Email Security 8.5.0: V8.5.0 HF001 For Appliance; V8.5.0 HF001 For Windows
  • Email Security 8.5.3: V8.5.3 HF001 For Appliance