Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2002-0986

Опубликовано: 24 сент. 2002
Источник: nvd
CVSS2: 5
EPSS Низкий

Описание

The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*
cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:*
cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:*
cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:*
cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*
cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*
cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*

EPSS

Процентиль: 92%
0.07819
Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

redhat логотип

CVE-2002-0986

redhat
почти 23 года назад

The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."

debian логотип

CVE-2002-0986

debian
больше 22 лет назад

The mail function in PHP 4.x to 4.2.2 does not filter ASCII control ch ...

github логотип

GHSA-xchw-jqmw-jcvc

github
около 3 лет назад

The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."

EPSS

Процентиль: 92%
0.07819
Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other