Description
The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.
References (8)
Core 8
Core References
Various Sources x_refsource_confirm
http://linux.oracle.com/errata/ELSA-2014-1999.html
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2014/dsa-3105
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/61693
Exploit x_refsource_confirm
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278748
Mailing List mailing-list
x_refsource_mlist
http://seclists.org/oss-sec/2014/q4/1066
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/60940
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/61585
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2014-1999.html
Scores
EPSS
0.0686
EPSS Percentile
93.3%
Details
CWE
CWE-20
Status
published
Products (6)
bsd_mailx_project/bsd_mailx
< 8.1.2
heirloom/mailx
< 12.5
oracle/linux
6
oracle/linux
7
redhat/enterprise_linux
6.0
redhat/enterprise_linux
7.0
Published
Dec 24, 2014
Tracked Since
Feb 18, 2026