CVE-2012-1750 mailx(1) tilde expansion vulnerability
mailx's default configuration allows for escape commands to be executed in non-interactive mode. The issues is that the mailx rc file always appends this. For more information see http://mcarpenter.org/blog/2012/07/18/solaris-mailx%281%29-tilde-expansion-vulnerability.
Updated by Electric Monk about 6 years ago
- Status changed from Pending RTI to Closed
commit 5422785d352a2bb398daceab3d1898a8aa64d006 Author: Robert Mustacchi <email@example.com> Date: 2014-12-23T22:52:59.000Z 5481 CVE-2012-1750 mailx(1) tilde expansion vulnerability 5482 CVE-2014-7844, CVE-2004-2771 - more mailx(1) woes Reviewed by: Dan McDonald <firstname.lastname@example.org> Reviewed by: Richard Lowe <email@example.com> Approved by: Dan McDonald <firstname.lastname@example.org>