PT-2014-8310 · Heirloom+4 · Mailx+4

Florian Weimer

Published

2014-12-16

Updated

2024-06-15

CVE-2014-7844

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions mailx versions 8.1.2 and earlier

Description The issue allows remote attackers to execute arbitrary commands via a crafted email address.

Recommendations For versions 8.1.2 and earlier, update to a version later than 8.1.2 to resolve the issue.

Fix

RCE

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

CESA-2014_1999

CVE-2014-7844

DLA-113-1

DLA-114-1

DSA-3104-1

DSA-3105-1

MGASA-2014-0538

OPENSUSE-SU-2024:10561-1

RHSA-2014:1999

RHSA-2014_1999

SUSE-RU-2015:0876-1

USN-2455-1

Centos

Red Hat

Suse

Ubuntu

Mailx