UBUNTU-CVE-2014-2957
- Source
- https://ubuntu.com/security/CVE-2014-2957
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2014/UBUNTU-CVE-2014-2957.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2014-2957
- Related
- Published
- 2014-09-04T17:55:00Z
- Modified
- 2014-09-04T17:55:00Z
- Summary
- [none]
- Details
-
The dmarcprocess function in dmarc.c in Exim before 4.82.1, when EXPERIMENTALDMARC is enabled, allows remote attackers to execute arbitrary code via the From header in an email, which is passed to the expand_string function.
- References
Affected packages
Ubuntu:Pro:14.04:LTS / exim4
Package
- Name
- exim4
- Purl
- pkg:deb/ubuntu/exim4?arch=src?distro=trusty/esm
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
4.*
4.80-7ubuntu3
4.80-7ubuntu4
4.80-9ubuntu1
4.80-9ubuntu2
4.82-3ubuntu1
4.82-3ubuntu2
4.82-3ubuntu2.1
4.82-3ubuntu2.2
4.82-3ubuntu2.3
4.82-3ubuntu2.4
4.82-3ubuntu2.4+esm1
4.82-3ubuntu2.4+esm2
4.82-3ubuntu2.4+esm3
4.82-3ubuntu2.4+esm4
4.82-3ubuntu2.4+esm6
4.82-3ubuntu2.4+esm7
4.82-3ubuntu2.4+esm8