Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2002-0985

Опубликовано: 24 сент. 2002
Источник: nvd
CVSS2: 7.5
EPSS Низкий

Описание

Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands.

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
Версия от 4.0 (включая) до 4.2.2 (включая)
Конфигурация 2

Одно из

cpe:2.3:a:openpkg:openpkg:1.1:*:*:*:*:*:*:*
cpe:2.3:a:openpkg:openpkg:1.2:*:*:*:*:*:*:*

EPSS

Процентиль: 79%
0.01296
Низкий

7.5 High

CVSS2

Дефекты

CWE-88

Связанные уязвимости

redhat
почти 23 года назад

Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands.

debian
почти 23 года назад

Argument injection vulnerability in the mail function for PHP 4.x to 4 ...

github
больше 3 лет назад

Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands.

EPSS

Процентиль: 79%
0.01296
Низкий

7.5 High

CVSS2

Дефекты

CWE-88