Описание
Argument injection vulnerability in the sendmail implementation of the Mail::Send method (Mail/sendmail.php) in the Mail package 1.1.14 for PEAR allows remote attackers to read and write arbitrary files via a crafted $from parameter, a different vector than CVE-2009-4111.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.1.6-2+etch1build0.6.06.1 |
| devel | not-affected | 1.1.14-2 |
| hardy | released | 1.1.6-2+etch1build0.8.04.1 |
| intrepid | released | 1.1.14-1+lenny1build0.8.10.1 |
| jaunty | released | 1.1.14-1+lenny1build0.9.04.1 |
| karmic | released | 1.1.14-1+lenny1build0.9.10.1 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
7.5 High
CVSS2
Связанные уязвимости
Argument injection vulnerability in the sendmail implementation of the Mail::Send method (Mail/sendmail.php) in the Mail package 1.1.14 for PEAR allows remote attackers to read and write arbitrary files via a crafted $from parameter, a different vector than CVE-2009-4111.
Argument injection vulnerability in the sendmail implementation of the Mail::Send method (Mail/sendmail.php) in the Mail package 1.1.14 for PEAR allows remote attackers to read and write arbitrary files via a crafted $from parameter, a different vector than CVE-2009-4111.
Argument injection vulnerability in the sendmail implementation of the ...
Argument injection vulnerability in the sendmail implementation of the Mail::Send method (Mail/sendmail.php) in the Mail package 1.1.14 for PEAR allows remote attackers to read and write arbitrary files via a crafted $from parameter, a different vector than CVE-2009-4111.
EPSS
7.5 High
CVSS2