5

CVE-2005-3883

CRLF injection vulnerability in the mb_send_mail function in PHP before 5.1.0 might allow remote attackers to inject arbitrary e-mail headers via line feeds (LF) in the "To" address argument.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PhpPhp Version4.0.6
PhpPhp Version4.0.7
PhpPhp Version4.0.7 Updaterc1
PhpPhp Version4.0.7 Updaterc2
PhpPhp Version4.0.7 Updaterc3
PhpPhp Version4.1.0
PhpPhp Version4.1.1
PhpPhp Version4.1.2
PhpPhp Version4.2 Editiondev
PhpPhp Version4.2.0
PhpPhp Version4.2.1
PhpPhp Version4.2.2
PhpPhp Version4.2.3
PhpPhp Version4.3.0
PhpPhp Version4.3.1
PhpPhp Version4.3.2
PhpPhp Version4.3.3
PhpPhp Version4.3.4
PhpPhp Version4.3.5
PhpPhp Version4.3.6
PhpPhp Version4.3.7
PhpPhp Version4.3.8
PhpPhp Version4.3.9
PhpPhp Version4.3.10
PhpPhp Version4.3.11
PhpPhp Version4.4.0
PhpPhp Version4.4.1
PhpPhp Version5.0 Updaterc1
PhpPhp Version5.0 Updaterc2
PhpPhp Version5.0 Updaterc3
PhpPhp Version5.0.0
PhpPhp Version5.0.1
PhpPhp Version5.0.2
PhpPhp Version5.0.3
PhpPhp Version5.0.4
PhpPhp Version5.0.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.05% 0.859
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc
http://rhn.redhat.com/errata/RHSA-2006-0276.html
http://secunia.com/advisories/19832
http://secunia.com/advisories/20210
http://secunia.com/advisories/20951
http://support.avaya.com/elmodocs2/security/ASA-2006-129.htm
http://www.vupen.com/english/advisories/2006/2685
http://secunia.com/advisories/18198
https://www.ubuntu.com/usn/usn-232-1/
http://www.turbolinux.com/security/2006/TLSA-2006-38.txt
http://secunia.com/advisories/18054
http://www.securityfocus.com/archive/1/419504/100/0/threaded
http://bugs.php.net/bug.php?id=35307
http://secunia.com/advisories/17763
Patch
Vendor Advisory
http://securitytracker.com/id?1015296
http://www.mandriva.com/security/advisories?name=MDKSA-2005:238
http://www.php.net/release_5_1_0.php
Patch
http://www.securityfocus.com/bid/15571
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/23270
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10332