The dmarc_process function in dmarc.c in Exim before 4.82.1, when EXPERIMENTAL_DMARC is enabled, allows remote attackers to execute arbitrary code via the From header in an email, which is passed to the expand_string function.
                
            References
                    Configurations
                    Configuration 1 (hide)
| 
 | 
History
                    No history.
Information
                Published : 2014-09-04 17:55
Updated : 2025-04-12 10:46
NVD link : CVE-2014-2957
Mitre link : CVE-2014-2957
CVE.ORG link : CVE-2014-2957
JSON object : View
Products Affected
                exim
- exim
CWE
                
                    
                        
                        CWE-20
                        
            Improper Input Validation
