CVE-2009-4023

2009-11-29T13:07:00
ID CVE-2009-4023
Type cve
Reporter cve@mitre.org
Modified 2017-08-17T01:31:00

Description

Argument injection vulnerability in the sendmail implementation of the Mail::Send method (Mail/sendmail.php) in the Mail package 1.1.14 for PEAR allows remote attackers to read and write arbitrary files via a crafted $from parameter, a different vector than CVE-2009-4111.