CVE-2009-4111
CVE-2009-4111 affects PEAR Mail’s Mail::Send implementation (Mail/sendmail.php) in the Mail package (v1.1.14, v1.2.0b2, and possibly other versions). The vulnerability allows remote attackers to read/write arbitrary files via a crafted $recipients parameter, a vector/impact separate from CVE-2009...