Computer Security
[EN] securityvulns.ru no-pyccku


exim code execution
Published:29.05.2014
Source:
SecurityVulns ID:13790
Type:remote
Threat Level:
8/10
Description:Code execution with EXPERIMENTAL_DMARC enabled.
Affected:EXIM : Exim 4.82
CVE:CVE-2014-2957 (The dmarc_process function in dmarc.c in Exim before 4.82.1, when EXPERIMENTAL_DMARC is enabled, allows remote attackers to execute arbitrary code via the From header in an email, which is passed to the expand_string function.)
Original documentdocumentoss-security-phil_(at)_spodhuis.org, [oss-security] Fwd: [exim-announce] Exim 4.82.1 Security Release (29.05.2014)
Files:SECURITY: DMARC uses From header untrusted data

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod