Lucene search

K
ubuntucveUbuntu.comUB:CVE-2006-1015
HistoryMar 07, 2006 - 12:00 a.m.

CVE-2006-1015

2006-03-0700:00:00
ubuntu.com
ubuntu.com
11

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.074 Low

EPSS

Percentile

93.9%

Argument injection vulnerability in certain PHP 3.x, 4.x, and 5.x
applications, when used with sendmail and when accepting remote input for
the additional_parameters argument to the mail function, allows remote
attackers to read and create arbitrary files via the sendmail -C and -X
arguments. NOTE: it could be argued that this is a class of
technology-specific vulnerability, instead of a particular instance; if so,
then this should not be included in CVE.

OSVersionArchitecturePackageVersionFilename
ubuntu6.10noarchphp5< 5.1.6-1ubuntu2.6UNKNOWN
ubuntu7.04noarchphp5< 5.2.1-0ubuntu1.4UNKNOWN

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.074 Low

EPSS

Percentile

93.9%

Related for UB:CVE-2006-1015