5 matches found
EUVD-2006-7069
Malware in sbrugna...
CVE-2006-7087
CRLF injection vulnerability in the mail function in Dotdeb PHP before 5.2.0 Rev 3 allows remote attackers to bypass the protection scheme and inject arbitrary email headers via CRLF sequences in the query string, which is processed via the PHPSELF variable...
CVE-2006-7087
CRLF injection vulnerability in the mail function in Dotdeb PHP before 5.2.0 Rev 3 allows remote attackers to bypass the protection scheme and inject arbitrary email headers via CRLF sequences in the query string, which is processed via the PHPSELF variable...
CVE-2006-7087
CVE-2006-7087 affects Dotdeb PHP prior to 5.2.0 Rev 3. It describes a CRLF injection vulnerability in the mail() function allowing remote attackers to bypass protections and inject arbitrary email headers via CRLF sequences in the query string processed through the PHP_SELF variable. Demonstrated...
[Full-disclosure] Advisory 14/2006: Dotdeb PHP Email Header Injection Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: Dotdeb PHP Email Header Injection Vulnerability Release Date: 2006/11/14 Last Modified: 2006/11/14 Author: Stefan Esser [email protected] Application: Dotdeb PHP 5.2.0 R...