ID CVE-2015-8476 Type cve Reporter NVD Modified 2016-12-05T22:03:57
Description
Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an (1) email address to the validateAddress function in class.phpmailer.php or (2) SMTP command to the sendCommand function in class.smtp.php, a different vulnerability than CVE-2012-0796.
{"title": "CVE-2015-8476", "reporter": "NVD", "enchantments": {"vulnersScore": 7.5}, "published": "2015-12-16T16:59:05", "cvelist": ["CVE-2015-8476"], "viewCount": 3, "objectVersion": "1.2", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8476", "bulletinFamily": "NVD", "hashmap": [{"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "3573d458e691d8373b44e7743cffc7d5", "key": "cpe"}, {"hash": "cecc62d1326abc4497d0150bd443b31f", "key": "cvelist"}, {"hash": "26769fd423968d45be7383413e2552f1", "key": "cvss"}, {"hash": "f5a9af96ee143bebf7559e34d0ba5211", "key": "description"}, {"hash": "7a2db9385a0820d13ebac197d45a422b", "key": "href"}, {"hash": "72c00754fbd975d97a6333f6922840b4", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "98e3fc5fa6a3d38797156c17d29beeaa", "key": "published"}, {"hash": "5a23dfdcbb1bda27de823ceb56479d0d", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "6ae7690675555a8da346c19d4cc62287", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}], "history": [{"bulletin": {"reporter": "NVD", "published": "2015-12-16T16:59:05", "cvelist": ["CVE-2015-8476"], "title": "CVE-2015-8476", "objectVersion": "1.2", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8476", "bulletinFamily": "NVD", "id": "CVE-2015-8476", "history": [], "scanner": [], "cpe": ["cpe:/o:debian:debian_linux:6.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/a:phpmailer_project:phpmailer:5.2.13", "cpe:/o:debian:debian_linux:7.0"], "modified": "2015-12-17T12:25:25", "hash": "d709b9ff5f710df5e50aeb8727256baedba896a988a7b39b1c1927857c2f66a0", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "viewCount": 1, "edition": 1, "assessment": {"name": "", "href": "", "system": ""}, "references": ["http://www.debian.org/security/2015/dsa-3416", "https://github.com/PHPMailer/PHPMailer/commit/6687a96a18b8f12148881e4ddde795ae477284b0", "http://www.openwall.com/lists/oss-security/2015/12/05/1", "http://www.openwall.com/lists/oss-security/2015/12/04/5", "https://github.com/PHPMailer/PHPMailer/releases/tag/v5.2.14", "http://www.securityfocus.com/bid/78619"], "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "6ae7690675555a8da346c19d4cc62287", "key": "title"}, {"hash": "463ff0c0e92fb088e450ef5d33d84ade", "key": "references"}, {"hash": "3573d458e691d8373b44e7743cffc7d5", "key": "cpe"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "98e3fc5fa6a3d38797156c17d29beeaa", "key": "published"}, {"hash": "7a2db9385a0820d13ebac197d45a422b", "key": "href"}, {"hash": "26769fd423968d45be7383413e2552f1", "key": "cvss"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "a27d2f31a95286b09c23cc5ff2835938", "key": "modified"}, {"hash": "cecc62d1326abc4497d0150bd443b31f", "key": "cvelist"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "f5a9af96ee143bebf7559e34d0ba5211", "key": "description"}], "lastseen": "2016-09-03T23:25:20", "description": "Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an (1) email address to the validateAddress function in class.phpmailer.php or (2) SMTP command to the sendCommand function in class.smtp.php, a different vulnerability than CVE-2012-0796."}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T23:25:20"}], "scanner": [], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "modified": "2016-12-05T22:03:57", "hash": "e34864d8a07c9fa0bab80913fb613bfe85cf32c49527a64d341d8092aa720e7f", "cpe": ["cpe:/o:debian:debian_linux:6.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/a:phpmailer_project:phpmailer:5.2.13", "cpe:/o:debian:debian_linux:7.0"], "edition": 2, "description": "Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an (1) email address to the validateAddress function in class.phpmailer.php or (2) SMTP command to the sendCommand function in class.smtp.php, a different vulnerability than CVE-2012-0796.", "references": ["http://www.debian.org/security/2015/dsa-3416", "https://github.com/PHPMailer/PHPMailer/commit/6687a96a18b8f12148881e4ddde795ae477284b0", "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177139.html", "http://www.openwall.com/lists/oss-security/2015/12/05/1", "http://www.openwall.com/lists/oss-security/2015/12/04/5", "https://github.com/PHPMailer/PHPMailer/releases/tag/v5.2.14", "http://www.securityfocus.com/bid/78619", "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177130.html"], "id": "CVE-2015-8476", "lastseen": "2017-04-18T15:58:40", "assessment": {"name": "", "href": "", "system": ""}}
{"result": {"openvas": [{"id": "OPENVAS:1361412562310807263", "type": "openvas", "title": "Fedora Update for php-PHPMailer FEDORA-2015-39522", "description": "Check the version of php-PHPMailer", "published": "2016-02-12T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807263", "cvelist": ["CVE-2015-8476"], "lastseen": "2017-07-25T10:54:21"}, {"id": "OPENVAS:1361412562310131162", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2015-0484", "description": "Mageia Linux Local Security Checks mgasa-2015-0484", "published": "2015-12-28T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310131162", "cvelist": ["CVE-2015-8476"], "lastseen": "2017-07-24T12:53:34"}, {"id": "OPENVAS:1361412562310703416", "type": "openvas", "title": "Debian Security Advisory DSA 3416-1 (libphp-phpmailer - security update)", "description": "Takeshi Terada discovered a vulnerability\nin PHPMailer, a PHP library for email transfer, used by many CMSs. The library\naccepted email addresses and SMTP commands containing line breaks, which can be\nabused by an attacker to inject messages.", "published": "2015-12-13T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703416", "cvelist": ["CVE-2015-8476"], "lastseen": "2018-04-06T11:25:13"}, {"id": "OPENVAS:703416", "type": "openvas", "title": "Debian Security Advisory DSA 3416-1 (libphp-phpmailer - security update)", "description": "Takeshi Terada discovered a vulnerability\nin PHPMailer, a PHP library for email transfer, used by many CMSs. The library\naccepted email addresses and SMTP commands containing line breaks, which can be\nabused by an attacker to inject messages.", "published": "2015-12-13T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=703416", "cvelist": ["CVE-2015-8476"], "lastseen": "2017-07-24T12:52:35"}], "nessus": [{"id": "FEDORA_2015-39522BB8C9.NASL", "type": "nessus", "title": "Fedora 22 : php-PHPMailer-5.2.14-1.fc22 (2015-39522bb8c9)", "description": "New upstream release: fixes CVE-2015-8476.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2016-03-04T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=89214", "cvelist": ["CVE-2015-8476"], "lastseen": "2017-10-29T13:43:09"}, {"id": "DEBIAN_DLA-363.NASL", "type": "nessus", "title": "Debian DLA-363-1 : libphp-phpmailer security update", "description": "It was discovered that there was a header injection vulnerability in libphp-phpmailer, am email transfer library for PHP.\n\nFor Debian 6 Squeeze, this issue has been fixed in libphp-phpmailer version 5.1-1+deb6u11.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-12-09T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=87268", "cvelist": ["CVE-2015-8476"], "lastseen": "2018-07-07T02:06:29"}, {"id": "DEBIAN_DSA-3416.NASL", "type": "nessus", "title": "Debian DSA-3416-1 : libphp-phpmailer - security update", "description": "Takeshi Terada discovered a vulnerability in PHPMailer, a PHP library for email transfer, used by many CMSs. The library accepted email addresses and SMTP commands containing line breaks, which can be abused by an attacker to inject messages.", "published": "2015-12-14T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=87331", "cvelist": ["CVE-2015-8476"], "lastseen": "2018-07-12T18:28:00"}, {"id": "FEDORA_2015-ABF9659276.NASL", "type": "nessus", "title": "Fedora 23 : php-PHPMailer-5.2.14-1.fc23 (2015-abf9659276)", "description": "New upstream release: fixes CVE-2015-8476.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2016-03-04T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=89363", "cvelist": ["CVE-2015-8476"], "lastseen": "2017-10-29T13:35:15"}], "debian": [{"id": "DLA-363", "type": "debian", "title": "libphp-phpmailer -- LTS security update", "description": "It was discovered that there was a header injection vulnerability in libphp-phpmailer, an email transfer library for PHP.\n\nFor Debian 6 Squeeze, this issue has been fixed in libphp-phpmailer version 5.1-1+deb6u11.", "published": "2015-12-08T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://www.debian.org/security/2015/dla-363", "cvelist": ["CVE-2015-8476"], "lastseen": "2017-10-05T13:05:55"}, {"id": "DSA-3416", "type": "debian", "title": "libphp-phpmailer -- security update", "description": "Takeshi Terada discovered a vulnerability in PHPMailer, a PHP library for email transfer, used by many CMSs. The library accepted email addresses and SMTP commands containing line breaks, which can be abused by an attacker to inject messages.\n\nFor the oldstable distribution (wheezy), this problem has been fixed in version 5.1-1.1.\n\nFor the stable distribution (jessie), this problem has been fixed in version 5.2.9+dfsg-2+deb8u1.\n\nFor the unstable distribution (sid), this problem has been fixed in version 5.2.14+dfsg-1.\n\nWe recommend that you upgrade your libphp-phpmailer packages.", "published": "2015-12-13T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://www.debian.org/security/dsa-3416", "cvelist": ["CVE-2015-8476"], "lastseen": "2016-09-02T18:30:50"}]}}
