Vulnerabilities > Exim > Exim > 4.80
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-09-04 | CVE-2014-2957 | Improper Input Validation vulnerability in Exim The dmarc_process function in dmarc.c in Exim before 4.82.1, when EXPERIMENTAL_DMARC is enabled, allows remote attackers to execute arbitrary code via the From header in an email, which is passed to the expand_string function. | 6.8 |
2012-10-31 | CVE-2012-5671 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Exim Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server. | 6.8 |