Lucene search
MitreCVELIST:CVE-2001-1246HistoryJun 25, 2002 - 4:00 a.m.
CVE-2001-1246
2002-06-2504:00:00
mitre
www.cve.org
1
PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters.
References
online.securityfocus.com/archive/1/194425
www.iss.net/security_center/static/6787.php
www.php.net/do_download.php?download_file=php-4.1.2.tar.gz
www.redhat.com/support/errata/RHSA-2002-102.html
www.redhat.com/support/errata/RHSA-2002-129.html
www.redhat.com/support/errata/RHSA-2003-159.html
www.securityfocus.com/bid/2954
Related
cve
cve
CVE-2001-1246
2002-06-25 04:00:00
nessus
nessus
PHP Safe Mode mail Function 5th Parameter Arbitrary Command Execution
2001-07-02 00:00:00
Mandrake Linux Security Advisory : php (MDKSA-2002:059)
2004-07-31 00:00:00
RHEL 2.1 : php (RHSA-2002:129)
2004-07-06 00:00:00
nvd
nvd
CVE-2001-1246
2001-06-30 04:00:00