5

CVE-2002-0986

The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PhpPhp Version3.0.18
PhpPhp Version4.0
PhpPhp Version4.0.1
PhpPhp Version4.0.1 Updatepatch1
PhpPhp Version4.0.1 Updatepatch2
PhpPhp Version4.0.2
PhpPhp Version4.0.3
PhpPhp Version4.0.3 Updatepatch1
PhpPhp Version4.0.4
PhpPhp Version4.0.5
PhpPhp Version4.0.6
PhpPhp Version4.0.7
PhpPhp Version4.1.0
PhpPhp Version4.1.1
PhpPhp Version4.1.2
PhpPhp Version4.2.0
PhpPhp Version4.2.1
PhpPhp Version4.2.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.15% 0.863
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.redhat.com/support/errata/RHSA-2003-159.html
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000545
http://marc.info/?l=bugtraq&m=103011916928204&w=2
http://marc.info/?l=bugtraq&m=105760591228031&w=2
http://www.debian.org/security/2002/dsa-168
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082
http://www.novell.com/linux/security/advisories/2002_036_modphp4.html
http://www.redhat.com/support/errata/RHSA-2002-213.html
http://www.redhat.com/support/errata/RHSA-2002-214.html
http://www.redhat.com/support/errata/RHSA-2002-243.html
http://www.redhat.com/support/errata/RHSA-2002-244.html
http://www.redhat.com/support/errata/RHSA-2002-248.html
http://www.kb.cert.org/vuls/id/410609
US Government Resource
http://www.osvdb.org/2160
http://www.securityfocus.com/bid/5562
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/9959