CVE-2007-1717

2007-03-28T00:19:00
ID CVE-2007-1717
Type cve
Reporter cve@mitre.org
Modified 2018-10-30T16:25:00

Description

The mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 truncates e-mail messages at the first ASCIIZ ('\0') byte, which might allow context-dependent attackers to prevent intended information from being delivered in e-mail messages. NOTE: this issue might be security-relevant in cases when the trailing contents of e-mail messages are important, such as logging information or if the message is expected to be well-formed.