Total vulnerabilities in the database
The dmarc_process function in dmarc.c in Exim before 4.82.1, when EXPERIMENTAL_DMARC is enabled, allows remote attackers to execute arbitrary code via the From header in an email, which is passed to the expand_string function.
| Software | From | Fixed in |
|---|---|---|
| exim / exim | 4.70 | 4.70.x |
| exim / exim | 4.69 | 4.69.x |
| exim / exim | 4.66 | 4.66.x |
| exim / exim | 4.10 | 4.10.x |
| exim / exim | 4.76 | 4.76.x |
| exim / exim | - | 4.82.x |
| exim / exim | 4.24 | 4.24.x |
| exim / exim | 4.30 | 4.30.x |
| exim / exim | 4.21 | 4.21.x |
| exim / exim | 4.03 | 4.03.x |
| exim / exim | 4.51 | 4.51.x |
| exim / exim | 4.71 | 4.71.x |
| exim / exim | 4.74 | 4.74.x |
| exim / exim | 4.67 | 4.67.x |
| exim / exim | 4.63 | 4.63.x |
| exim / exim | 4.00 | 4.00.x |
| exim / exim | 4.43 | 4.43.x |
| exim / exim | 4.22 | 4.22.x |
| exim / exim | 4.40 | 4.40.x |
| exim / exim | 4.52 | 4.52.x |
| exim / exim | 4.60 | 4.60.x |
| exim / exim | 4.61 | 4.61.x |
| exim / exim | 4.68 | 4.68.x |
| exim / exim | 4.54 | 4.54.x |
| exim / exim | 4.02 | 4.02.x |
| exim / exim | 4.77 | 4.77.x |
| exim / exim | 4.23 | 4.23.x |
| exim / exim | 4.01 | 4.01.x |
| exim / exim | 4.62 | 4.62.x |
| exim / exim | 4.12 | 4.12.x |
| exim / exim | 4.32 | 4.32.x |
| exim / exim | 4.11 | 4.11.x |
| exim / exim | 4.42 | 4.42.x |
| exim / exim | 4.05 | 4.05.x |
| exim / exim | 4.31 | 4.31.x |
| exim / exim | 4.72 | 4.72.x |
| exim / exim | 4.44 | 4.44.x |
| exim / exim | 4.14 | 4.14.x |
| exim / exim | 4.64 | 4.64.x |
| exim / exim | 4.04 | 4.04.x |
| exim / exim | 4.75 | 4.75.x |
| exim / exim | 4.41 | 4.41.x |
| exim / exim | 4.20 | 4.20.x |
| exim / exim | 4.65 | 4.65.x |
| exim / exim | 4.53 | 4.53.x |
| exim / exim | 4.80 | 4.80.x |
| exim / exim | 4.33 | 4.33.x |
| exim / exim | 4.80.1 | 4.80.1.x |
| exim / exim | 4.73 | 4.73.x |
| exim / exim | 4.50 | 4.50.x |
| exim / exim | 4.34 | 4.34.x |