Solaris mailtool Buffer Overflow Vulnerability

Solaris mailtool Buffer Overflow Vulnerability

The mailtool program included with OpenWindows in Solaris, contains a buffer overflow vulnerability which may allow local users to execute arbitrary code/commands with group 'mail' privileges.

The overflow occurs when a string exceeding approximately 1010 characters is given as the OPENWINHOME environment variable.