Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2010/10/28 12:0 a.m.27 views

openSUSE Security Update : php5-pear-mail (openSUSE-SU-2010:0909-1)

Passing specially crafted $from and $recepient arguments to php5-pear-mail's sendmail.php allowed attackers to inject shell code CVE-2009-4023, CVE-2009-4111. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...

7.5CVSS5.3AI score0.02402EPSS
Exploits3References5
OpenVAS
OpenVAS
added 2010/01/29 12:0 a.m.19 views

Mandriva Update for php-pear-Mail MDVSA-2010:025 (php-pear-Mail)

Check for the Version of php-pear-Mail OpenVAS Vulnerability Test Mandriva Update for php-pear-Mail MDVSA-2010:025 php-pear-Mail Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

7.5CVSS9.2AI score0.02402EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2010/01/29 12:0 a.m.28 views

Mandriva Update for php-pear-Mail MDVSA-2010:025 (php-pear-Mail)

Check for the Version of php-pear-Mail OpenVAS Vulnerability Test Mandriva Update for php-pear-Mail MDVSA-2010:025 php-pear-Mail Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

7.5CVSS0.02402EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2010/01/26 12:0 a.m.35 views

Mandriva Linux Security Advisory : php-pear-Mail (MDVSA-2010:025)

Multiple vulnerabilities were discovered and corrected in php-pear Mail : Argument injection vulnerability in the sendmail implementation of the Mail::Send method Mail/sendmail.php in the Mail package 1.1.14 for PEAR allows remote attackers to read and write arbitrary files via a crafted paramete...

7.5CVSS5.8AI score0.02402EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2009/12/10 12:0 a.m.33 views

Fedora Core 10 FEDORA-2009-12439 (php-pear-Mail)

The remote host is missing an update to php-pear-Mail announced via advisory FEDORA-2009-12439. OpenVAS Vulnerability Test $Id: fcore200912439.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-12439 php-pear-Mail Authors: Thomas Reinke Copyright:...

7.5CVSS0.2AI score0.02402EPSS
Exploits3References1
OpenVAS
OpenVAS
added 2009/12/10 12:0 a.m.29 views

Fedora Core 12 FEDORA-2009-12395 (php-pear-Mail)

The remote host is missing an update to php-pear-Mail announced via advisory FEDORA-2009-12395. OpenVAS Vulnerability Test $Id: fcore200912395.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-12395 php-pear-Mail Authors: Thomas Reinke Copyright:...

7.5CVSS0.02402EPSS
Exploits3References1
OpenVAS
OpenVAS
added 2009/12/10 12:0 a.m.26 views

Fedora Core 10 FEDORA-2009-12439 (php-pear-Mail)

The remote host is missing an update to php-pear-Mail announced via advisory FEDORA-2009-12439. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright ...

7.5CVSS9.4AI score0.02402EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2009/12/10 12:0 a.m.30 views

Fedora Core 11 FEDORA-2009-12348 (php-pear-Mail)

The remote host is missing an update to php-pear-Mail announced via advisory FEDORA-2009-12348. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright ...

7.5CVSS9.4AI score0.02402EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2009/12/10 12:0 a.m.23 views

Fedora Core 12 FEDORA-2009-12395 (php-pear-Mail)

The remote host is missing an update to php-pear-Mail announced via advisory FEDORA-2009-12395. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright ...

7.5CVSS9.4AI score0.02402EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2009/12/01 12:0 a.m.19 views

Fedora 10 : php-pear-Mail-1.1.14-5.fc10 (2009-12439)

Fix CVE-2009-4023, CVE-2009-4111 PEAR's Mail class did not properly escape content of mail header fields, when using the sendmail backend. A remote attacker could send an email message, with specially crafted headers to local user, leading to disclosure of content and potentially, to modification...

7.5CVSS5.7AI score0.02402EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2009/12/01 12:0 a.m.31 views

Fedora 12 : php-pear-Mail-1.1.14-5.fc12 (2009-12395)

Fix CVE-2009-4023, CVE-2009-4111 PEAR's Mail class did not properly escape content of mail header fields, when using the sendmail backend. A remote attacker could send an email message, with specially crafted headers to local user, leading to disclosure of content and potentially, to modification...

7.5CVSS5.7AI score0.02402EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2009/12/01 12:0 a.m.36 views

Fedora 11 : php-pear-Mail-1.1.14-5.fc11 (2009-12348)

Fix CVE-2009-4023, CVE-2009-4111 PEAR's Mail class did not properly escape content of mail header fields, when using the sendmail backend. A remote attacker could send an email message, with specially crafted headers to local user, leading to disclosure of content and potentially, to modification...

7.5CVSS5.7AI score0.02402EPSS
Exploits3References3
OSV
OSV
added 2009/11/29 1:7 p.m.4 views

CVE-2009-4023

Argument injection vulnerability in the sendmail implementation of the Mail::Send method Mail/sendmail.php in the Mail package 1.1.14 for PEAR allows remote attackers to read and write arbitrary files via a crafted $from parameter, a different vector than CVE-2009-4111...

6.6AI score
Exploits0References15
CVE
CVE
added 2009/11/28 5:0 p.m.81 views

CVE-2009-4023

Summary: CVE-2009-4023 (with CVE-2009-4111) affects the Mail::Send implementation in PEAR Mail’s sendmail.php for the Mail package, version 1.1.14. A crafted $from parameter allows remote attackers to read and write arbitrary files over the network. The vulnerability is classified with base CVSS ...

7.5CVSS9.3AI score0.02402EPSS
Exploits1References12Affected Software1
Rows per page
Query Builder