A local overflow exists in IBM AIX. The mail/mailx command fails to validate input, resulting in a possible buffer overflow. With a specially crafted request, an attacker can cause arbitrary command execution.
The mail/mailx utility is not SUID, so the overflow does not result in privilege escalation or in loss of confidentiality and/or integrity.
Upgrade to version 4.3.3 (APAR IY29516), 5.1.0 (APAR IY28170) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.