NVD

Id
46771  
Name
CVE-2012-5671  
Description
Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2012-10-31  
Modified Date
2013-04-18  
Seq
2012-5671  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
234332 46771 CVE-2012-5671 FEDORA-2012-16899  View
234333 46771 CVE-2012-5671 FEDORA-2012-17044  View
234334 46771 CVE-2012-5671 FEDORA-2012-17085  View
234335 46771 CVE-2012-5671 openSUSE-SU-2012:1404  View
234336 46771 CVE-2012-5671 DSA-2566  View
234337 46771 CVE-2012-5671 [oss-security] 20121027 CVE-2012-5671: Exim <= 4.80 DKIM heap-based buffer overflow  View
234338 46771 CVE-2012-5671 56285  View
234339 46771 CVE-2012-5671 USN-1618-1  View
234340 46771 CVE-2012-5671 exim-dkimeximquerydnstxt-bo(79615)  View
234341 46771 CVE-2012-5671 [exim-announce] 20121026 Exim 4.80.1 Security Release  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
29486 JVNDB-2012-005193 Exim の dkim.c におけるヒープベースのバッファオーバーフローの脆弱性 Exim の dkim.c 内の dkim_exim_query_dns_txt 関数には、DKIM サポートが有効で、かつ acl_smtp_connect および acl_smtp_rcpt が "warn control = dkim_disable_verify" に設定されていない場合、ヒープベースのバッファオーバーフローが存在します。 CVE-2012-5671 58909 CVE-2012-5671 46771 6.8 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005193.html 2012-10-26 2012-11-26 View