mailx

• Author: kikadf
• Vulnerable: 12.4-4
• Unaffected: 12.4-5arcturus1

Mailx interprets shell meta-characters in certain email addresses. An unexpected feature of mailx treats syntactically valid email addresses as shell commands to execute.

CVEs:

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2771
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7844