Exim · Exim · CVE-2011-1764
**Name of the Vulnerable Software and Affected Versions**
Exim versions prior to 4.76
**Description**
The issue is a format string vulnerability in the `dkim_exim_verify_finish` function. This vulnerability might allow remote attackers to execute arbitrary code or cause a denial of service, such as a daemon crash, via format string specifiers in data used in DKIM logging. For example, an identity field containing a `%` (percent) character could trigger this issue.
**Recommendations**
For versions prior to 4.76, update to version 4.76 or later to resolve the issue. As a temporary workaround, consider restricting the use of format string specifiers in DKIM logging data to minimize the risk of exploitation.
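
The bug class described above, as an added illustration that is not Exim's source code: a log call that passes sender-controlled DKIM text as data behind a constant format, plus an interim `%`-escaping guard of the kind the workaround suggests. `demo_log`, `log_dkim_identity`, `escape_percent` and the sample identity are hypothetical names and constructed values.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical printf-style logger standing in for a mail daemon's log call. */
static char last_log[256];

static int demo_log(const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(last_log, sizeof last_log, fmt, ap);
    va_end(ap);
    return n;
}

/* VULNERABLE pattern (comment only, never called):
 *     demo_log(line);   where 'line' embeds the sender-chosen identity
 * Any '%' in the identity is then parsed as a conversion specifier. */

/* Fixed pattern: constant format string, untrusted text passed as data. */
static const char *log_dkim_identity(const char *identity)
{
    demo_log("DKIM: i=%s [verification attempted]", identity);
    return last_log;
}

/* Interim guard: double every '%' so it is inert if a printf-style sink
 * later treats the text as a format. Returns 0, or -1 if out is too small. */
static int escape_percent(const char *in, char *out, size_t outlen)
{
    size_t o = 0;
    if (outlen == 0) return -1;
    for (; *in; in++) {
        size_t need = (*in == '%') ? 2 : 1;
        if (o + need >= outlen) { out[o] = '\0'; return -1; }
        if (*in == '%') out[o++] = '%';
        out[o++] = *in;
    }
    out[o] = '\0';
    return 0;
}

int main(void)
{
    char esc[64];
    puts(log_dkim_identity("50%off%s@example.test"));   /* constructed input */
    if (escape_percent("50%off%s@example.test", esc, sizeof esc) == 0) puts(esc);
    return 0;
}
```

Compiling with `-Wformat -Wformat-security` flags calls of the vulnerable shape, where a non-literal string is the only argument to a printf-style function.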