CVE-2011-1407 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2011-1407 Interim 1 14 2024-04-03T00:56:28Z current 2021-05-30T12:56:58Z 2024-04-03T00:56:28Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2011-1407 The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/J3SFKURISLALS2JGJL22FCLRZSUGU7TT/#J3SFKURISLALS2JGJL22FCLRZSUGU7TT E-Mail link for SUSE-SR:2011:010 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2GYOIMCZROPCPAJ2KKWIHJNXYM6WHVDA/#2GYOIMCZROPCPAJ2KKWIHJNXYM6WHVDA E-Mail link for SUSE-SU-2011:0608-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed exim-4.86.2-2.2 eximon-4.86.2-2.2 eximstats-html-4.86.2-2.2 exim-4.86.2-2.2 as a component of openSUSE Tumbleweed eximon-4.86.2-2.2 as a component of openSUSE Tumbleweed eximstats-html-4.86.2-2.2 as a component of openSUSE Tumbleweed The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity. CVE-2011-1407 openSUSE Tumbleweed:exim-4.86.2-2.2 openSUSE Tumbleweed:eximon-4.86.2-2.2 openSUSE Tumbleweed:eximstats-html-4.86.2-2.2 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P