Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim prior to 4.76 might allow remote malicious users to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
exim exim 4.50 |
||
exim exim 4.44 |
||
exim exim 4.63 |
||
exim exim 4.62 |
||
exim exim 4.61 |
||
exim exim 4.21 |
||
exim exim 4.22 |
||
exim exim 4.41 |
||
exim exim 4.40 |
||
exim exim 4.03 |
||
exim exim 4.02 |
||
exim exim 3.32 |
||
exim exim 3.31 |
||
exim exim 3.14 |
||
exim exim 3.13 |
||
exim exim 2.12 |
||
exim exim 2.11 |
||
exim exim 4.74 |
||
exim exim |
||
exim exim 4.51 |
||
exim exim 4.30 |
||
exim exim 4.64 |
||
exim exim 4.23 |
||
exim exim 4.24 |
||
exim exim 4.68 |
||
exim exim 4.10 |
||
exim exim 4.14 |
||
exim exim 4.05 |
||
exim exim 4.04 |
||
exim exim 3.34 |
||
exim exim 3.33 |
||
exim exim 3.16 |
||
exim exim 3.15 |
||
exim exim 3.01 |
||
exim exim 3.00 |
||
exim exim 4.72 |
||
exim exim 4.73 |
||
exim exim 4.43 |
||
exim exim 4.34 |
||
exim exim 4.60 |
||
exim exim 4.54 |
||
exim exim 4.42 |
||
exim exim 4.65 |
||
exim exim 4.32 |
||
exim exim 4.20 |
||
exim exim 4.01 |
||
exim exim 4.00 |
||
exim exim 3.30 |
||
exim exim 3.22 |
||
exim exim 3.12 |
||
exim exim 3.11 |
||
exim exim 2.10 |
||
exim exim 4.69 |
||
exim exim 4.33 |
||
exim exim 4.31 |
||
exim exim 4.53 |
||
exim exim 4.52 |
||
exim exim 4.66 |
||
exim exim 4.67 |
||
exim exim 4.11 |
||
exim exim 4.12 |
||
exim exim 3.36 |
||
exim exim 3.35 |
||
exim exim 3.21 |
||
exim exim 3.20 |
||
exim exim 3.10 |
||
exim exim 3.03 |
||
exim exim 3.02 |
||
exim exim 4.70 |
||
exim exim 4.71 |