Project

General

Profile

Bug #5480

CVE-2012-3165 mailx(1) buffer overflow vulnerability

Added by Robert Mustacchi about 6 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
Urgent
Category:
cmd - userland programs
Start date:
2014-12-23
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:

Description

Address CVE-2012-3165 for mailx(1). mailx(1) does not properly handle its buffer allocations and allows for arbitrary overflow. See http://mcarpenter.org/blog/2012/10/18/solaris-mailx%281%29-buffer-overflow-vulnerability for more information.

#1

Updated by Electric Monk about 6 years ago

  • Status changed from Pending RTI to Closed

git commit 196c7f05d2deba7404e90ad67f3861185c78ca2d

commit  196c7f05d2deba7404e90ad67f3861185c78ca2d
Author: Joshua M. Clulow <jmc@joyent.com>
Date:   2014-12-23T22:52:48.000Z

    5480 CVE-2012-3165 mailx(1) buffer overflow vulnerability
    Reviewed by: Dan McDonald <danmcd@omniti.com>
    Reviewed by: Robert Mustacchi <rm@joyent.com>
    Reviewed by: Richard Lowe <richlowe@richlowe.net>
    Approved by: Dan McDonald <danmcd@omniti.com>

Also available in: Atom PDF