VULHUB ™

The mailtool program included with OpenWindows in Solaris, contains a buffer overflow vulnerability which may allow local users to execute arbitrary code/commands with group 'mail' privileges. The overflow occurs when a string exceeding approximately 1010 characters is given as the OPENWINHOME environment variable.

The mailtool program included with OpenWindows in Solaris, contains a buffer overflow vulnerability which may allow local users to execute arbitrary code/commands with group 'mail' privileges. The overflow occurs when a string exceeding approximately 1010 characters is given as the OPENWINHOME environment variable.