Lucene search

K

Veracode Vulnerability DatabaseVERACODE:11554

HistoryJan 15, 2019 - 9:03 a.m.

Arbitrary Command Execution

2019-01-1509:03:48

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

13

EPSS

0.027

Percentile

90.6%

mailx is vulnerable to arbitrary command execution. A remote attacker is able to execute arbitrary commands through the expand function in fio.c using shell metacharacters in a malicious email address.

References

linux.oracle.com/errata/ELSA-2014-1999.html

rhn.redhat.com/errata/RHSA-2014-1999.html

seclists.org/oss-sec/2014/q4/1066

secunia.com/advisories/60940

secunia.com/advisories/61585

secunia.com/advisories/61693

www.debian.org/security/2014/dsa-3105

access.redhat.com/errata/RHSA-2014:1999

access.redhat.com/security/cve/CVE-2004-2771

access.redhat.com/security/updates/classification/#moderate

bugs.debian.org/cgi-bin/bugreport.cgi?bug=278748

bugzilla.redhat.com/show_bug.cgi?id=1162783

rhn.redhat.com/errata/RHSA-2014-1999.html

EPSS

0.027

Percentile

90.6%

Related for VERACODE:11554

cvelist1 cbl_mariner3 ubuntucve1 osv5 debiancve1 nessus21 cve1 nvd1 slackware1 gentoo1 debian4 openvas15 securityvulns3 centos1 fedora3 oraclelinux1 redhat1 f52 mageia1 amazon1