3 matches found
RHEL 2.1 : php (RHSA-2002:129)
PHP versions earlier than 4.1.0 contain a vulnerability that could allow arbitrary commands to be executed. updated 22 Aug 2002 The initial set of errata packages contained an incorrect set of dependencies. This meant that a number of packages would need to be installed before php that were not...
CVE-2001-1246
CVE-2001-1246 affects PHP versions 4.0.5–4.1.0 running in safe mode. The fifth parameter to mail() is not properly sanitized, enabling local users and possibly remote attackers to execute arbitrary commands via shell metacharacters. Multiple connected documents (NVD/Nessus advisories) describe th...
CVE-2001-1246
PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters...