VYPR
Unrated severityNVD Advisory· Published Oct 31, 2012· Updated Jun 16, 2026

CVE-2012-5671

CVE-2012-5671

Description

Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

11
  • Exim/Exim10 versions
    cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*+ 9 more
    • cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*
    • cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*
    • cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*
    • cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*
    • cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*
    • cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*
    • cpe:2.3:a:exim:exim:4.76:*:*:*:*:*:*:*
    • cpe:2.3:a:exim:exim:4.77:*:*:*:*:*:*:*
    • cpe:2.3:a:exim:exim:4.80:*:*:*:*:*:*:*
    • (no CPE)range: >=4.70 <=4.80

Patches

Vulnerability mechanics

References

15

News mentions

0

No linked articles in our index yet.