CVE-2001-1246

2001-06-30T00:00:00
ID CVE-2001-1246
Type cve
Reporter NVD
Modified 2008-09-10T15:10:02

Description

PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters.