UBUNTU-CVE-2004-2771

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2004-2771

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2004/UBUNTU-CVE-2004-2771.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2004-2771

Related

CVE-2004-2771

Published

2014-12-24T18:59:00Z

Modified

2025-01-13T10:20:59Z

Summary

[none]

Details

The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.

References

Affected packages

Ubuntu:14.04:LTS / heirloom-mailx

Package

Name: heirloom-mailx
Purl: pkg:deb/ubuntu/heirloom-mailx@12.5-2+deb7u1build0.14.04.1?arch=source&distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

12.5-2+deb7u1build0.14.04.1

Affected versions

12.*

12.5-2

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "12.5-2+deb7u1build0.14.04.1",
            "binary_name": "heirloom-mailx"
        },
        {
            "binary_version": "12.5-2+deb7u1build0.14.04.1",
            "binary_name": "heirloom-mailx-dbgsym"
        }
    ]
}