Home

CVE-2014-7844

Description

BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
1.025

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities are fixed in OS X Yosemite 10.10.5 UpdateMac
Multiple vulnerabilities are fixed in OS X Yosemite 10.10.5 Combo UpdateMac
simple mail user agent (USN-2455-1) bsd-mailx_8.1.2-0.20111106cvs-1ubuntu0.1_i386.debLinux
simple mail user agent (USN-2455-1) bsd-mailx_8.1.2-0.20111106cvs-1ubuntu0.1_amd64.debLinux
simple mail user agent (USN-2455-1) bsd-mailx_8.1.2-0.20131005cvs-1ubuntu0.14.04.1_i386.debLinux
simple mail user agent (USN-2455-1) bsd-mailx_8.1.2-0.20131005cvs-1ubuntu0.14.04.1_amd64.debLinux
bsd-mailx security update(DSA-3104-1) bsd-mailx_8.1.2-0.20111106cvs-1+deb7u1_i386.debLinux
heirloom-mailx security update(DSA-3105-1) heirloom-mailx_12.5-2+deb7u1_i386.debLinux
Mailx security update (CESA-2014:1999) mailx-12.4-8.el6_6.i686.rpmLinux
Mailx security update (CESA-2014:1999) mailx-12.4-8.el6_6.x86_64.rpmLinux
(RHSA-2014:1999) Moderate: mailx security update mailx-12.4-8.el6_6.i686.rpmLinux
(RHSA-2014:1999) Moderate: mailx security update mailx-12.4-8.el6_6.x86_64.rpmLinux
(RHSA-2014:1999) Moderate: mailx security update mailx-12.5-12.el7_0.x86_64.rpmLinux
(RHSA-2014:1999)Moderate: security update mailx-debuginfo-12.5-12.el7_0.x86_64.rpmLinux
Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability (CVE-2014-7844)NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-600354OS X Yosemite 10.10.5 Update
PATCH-600458OS X Yosemite 10.10.5 Combo Update

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234