Lucene search
Ubuntu.comUB:CVE-2015-8476HistoryDec 16, 2015 - 12:00 a.m.
CVE-2015-8476
2015-12-1600:00:00
ubuntu.com
ubuntu.com
5
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
65.1%
Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow
attackers to inject arbitrary SMTP commands via CRLF sequences in an (1)
email address to the validateAddress function in class.phpmailer.php or (2)
SMTP command to the sendCommand function in class.smtp.php, a different
vulnerability than CVE-2012-0796.
Bugs
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 12.04 | noarch | libphp-phpmailer | < 5.1-1+deb6u11build0.12.04.1 | UNKNOWN |
| ubuntu | 14.04 | noarch | libphp-phpmailer | < 5.1-1+deb6u11build0.14.04.1 | UNKNOWN |
| ubuntu | 15.04 | noarch | libphp-phpmailer | < 5.2.9+dfsg-2+deb8u1build0.15.04.1 | UNKNOWN |
Related
prion
prion
Crlf injection
2015-12-16 21:59:00
Design/Logic Flaw
2012-07-17 10:20:00
debiancve
debiancve
CVE-2015-8476
2015-12-16 21:59:00
cve
cve
CVE-2015-8476
2015-12-16 21:59:00
CVE-2012-0796
2012-07-17 10:20:00
nessus
nessus
Fedora 22 : php-PHPMailer-5.2.14-1.fc22 (2015-39522bb8c9)
2016-03-04 00:00:00
Debian DLA-363-1 : libphp-phpmailer security update
2015-12-09 00:00:00
Debian DSA-3416-1 : libphp-phpmailer - security update
2015-12-14 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: php-PHPMailer-5.2.14-1.fc22
2016-02-11 13:49:45
[SECURITY] Fedora 23 Update: php-PHPMailer-5.2.14-1.fc23
2016-02-11 13:24:07
[SECURITY] Fedora 15 Update: moodle-1.9.16-1.fc15
2012-02-02 17:21:30
debian
debian
[SECURITY] [DSA 3416-1] libphp-phpmailer security update
2015-12-13 19:11:48
[SECURITY] [DLA 363-1] libphp-phpmailer security update
2015-12-08 18:35:05
[SECURITY] [DSA 3416-1] libphp-phpmailer security update
2015-12-13 19:11:48
openvas
openvas
Fedora Update for php-PHPMailer FEDORA-2015-39522
2016-02-12 00:00:00
Debian: Security Advisory (DSA-3416-1)
2015-12-12 00:00:00
Mageia: Security Advisory (MGASA-2015-0484)
2015-12-28 00:00:00
osv
osv
libphp-phpmailer - security update
2015-12-08 00:00:00
SMTP Injection in PHPMailer
2020-03-05 22:09:19
PHPMailer vulnerable to email header injection
2022-10-06 21:25:46
friendsofphp
friendsofphp
Multiple CRLF injection vulnerabilities
2015-11-01 10:15:00
mageia
mageia
Updated php-phpmailer packages fix CVE-2015-8476
2015-12-24 14:08:20
veracode
veracode
Multiple CRLF Injection
2017-07-26 08:32:53
Header Injection
2017-05-26 07:05:08
github
github
SMTP Injection in PHPMailer
2020-03-05 22:09:19
PHPMailer vulnerable to email header injection
2022-10-06 21:25:46
ubuntucve
ubuntucve
CVE-2012-0796
2012-07-17 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package phpipam version 1.26.050-alt1
2016-12-26 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2421-1] moodle security update
2012-03-19 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
65.1%
Related for UB:CVE-2015-8476