CVE-2005-3883

Published: Nov 29, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

CRLF injection vulnerability in the mb_send_mail function in PHP before 5.1.0 might allow remote attackers to inject arbitrary e-mail headers via line feeds (LF) in the "To" address argument.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20210

third-party-advisory

x_refsource_SECUNIA

TLSA-2006-38

vendor-advisory

x_refsource_TURBO

18198

third-party-advisory

x_refsource_SECUNIA

RHSA-2006:0276

vendor-advisory

x_refsource_REDHAT

17763

third-party-advisory

x_refsource_SECUNIA

18054

third-party-advisory

x_refsource_SECUNIA

oval:org.mitre.oval:def:10332

vdb-entry

signature

x_refsource_OVAL

http://bugs.php.net/bug.php?id=35307

x_refsource_MISC

http://www.php.net/release_5_1_0.php

x_refsource_CONFIRM

1015296

vdb-entry

x_refsource_SECTRACK

MDKSA-2005:238

vendor-advisory

x_refsource_MANDRIVA

20951

third-party-advisory

x_refsource_SECUNIA

SUSE-SA:2005:069

vendor-advisory

x_refsource_SUSE

15571

vdb-entry

x_refsource_BID

http://support.avaya.com/elmodocs2/security/ASA-2006-129.htm

x_refsource_CONFIRM

19832

third-party-advisory

x_refsource_SECUNIA

php-mbsendmail-header-injection(23270)

vdb-entry

x_refsource_XF

USN-232-1

vendor-advisory

x_refsource_UBUNTU

ADV-2006-2685

vdb-entry

x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2005-3883

Description

Affected Products

References