5
CVE-2002-0986
- EPSS 3.15%
- Veröffentlicht 24.09.2002 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:58:30
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.15% | 0.863 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
http://www.redhat.com/support/errata/RHSA-2003-159.html
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000545
http://marc.info/?l=bugtraq&m=103011916928204&w=2
http://marc.info/?l=bugtraq&m=105760591228031&w=2
http://www.debian.org/security/2002/dsa-168
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082
http://www.novell.com/linux/security/advisories/2002_036_modphp4.html
http://www.redhat.com/support/errata/RHSA-2002-213.html
http://www.redhat.com/support/errata/RHSA-2002-214.html
http://www.redhat.com/support/errata/RHSA-2002-243.html
http://www.redhat.com/support/errata/RHSA-2002-244.html
http://www.redhat.com/support/errata/RHSA-2002-248.html
http://www.kb.cert.org/vuls/id/410609
http://www.osvdb.org/2160
http://www.securityfocus.com/bid/5562
https://exchange.xforce.ibmcloud.com/vulnerabilities/9959