DescriptionThe dmarc_process function in dmarc.c in Exim before 4.82.1, when EXPERIMENTAL_DMARC is enabled, allows remote attackers to execute arbitrary code via the From header in an email, which is passed to the expand_string function.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having critical severity.
|National Vulnerability Database|
SUSE Security Advisories:
List of released packages
|Product(s)||Fixed package version(s)||References|
|openSUSE Tumbleweed|| ||Patchnames: |
openSUSE Tumbleweed GA exim-4.86.2-2.2
SUSE Timeline for this CVECVE page created: Wed May 28 22:26:33 2014
CVE page last modified: Thu Dec 7 13:07:21 2023