Vulnerabilities

CVE-2009-4023

by Fred · 28/11/2009

Argument injection vulnerability in the sendmail implementation of the Mail::Send method (Mail/sendmail.php) in the Mail package 1.1.14 for PEAR allows remote attackers to read and write arbitrary files via a crafted $from parameter, a different vector than CVE-2009-4111.

Date published : 2009-11-28

http://www.securityfocus.com/bid/37081

http://pear.php.net/bugs/bug.php?id=16200

Related

Tags: Cybersecurity Alert