CVE-2014-7844

NameCVE-2014-7844
DescriptionBSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-113-1, DLA-114-1, DSA-3104-1, DSA-3105-1
Debian Bugs773417

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
bsd-mailx (PTS)bullseye8.1.2-0.20180807cvs-2fixed
sid, trixie, bookworm8.1.2-0.20220412cvs-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
bsd-mailxsourcesqueeze8.1.2-0.20100314cvs-1+deb6u1DLA-113-1
bsd-mailxsourcewheezy8.1.2-0.20111106cvs-1+deb7u1DSA-3104-1
bsd-mailxsource(unstable)8.1.2-0.20141216cvs-1
heirloom-mailxsourcesqueeze12.4-2+deb6u1DLA-114-1
heirloom-mailxsourcewheezy12.5-2+deb7u1DSA-3105-1
heirloom-mailxsource(unstable)12.5-3.1773417

Search for package or bug name: Reporting problems