TROYANOSYVIRUS
Retour aux CVEs

CVE-2009-4023

N/A

Description

Argument injection vulnerability in the sendmail implementation of the Mail::Send method (Mail/sendmail.php) in the Mail package 1.1.14 for PEAR allows remote attackers to read and write arbitrary files via a crafted $from parameter, a different vector than CVE-2009-4111.

Details CVE

Score CVSS v3.1N/A
Publie11/29/2009
Derniere modification4/23/2026
Sourcenvd
Observations honeypot0

Produits affectes

pear:pear

Faiblesses (CWE)

CWE-94

References

http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html(secalert@redhat.com)
http://pear.php.net/bugs/bug.php?id=16200(secalert@redhat.com)
http://pear.php.net/bugs/bug.php?id=16200&edit=12&patch=quick-fix&revision=1241757412(secalert@redhat.com)
http://secunia.com/advisories/37410(secalert@redhat.com)
http://secunia.com/advisories/37458(secalert@redhat.com)
http://svn.php.net/viewvc/pear/packages/Mail/trunk/Mail/sendmail.php?r1=243717&r2=280134(secalert@redhat.com)
http://www.debian.org/security/2009/dsa-1938(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2009/11/23/8(secalert@redhat.com)
http://www.securityfocus.com/bid/37081(secalert@redhat.com)
http://www.vupen.com/english/advisories/2009/3300(secalert@redhat.com)
https://bugs.gentoo.org/show_bug.cgi?id=294256(secalert@redhat.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/54362(secalert@redhat.com)
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html(af854a3a-2127-422b-91ae-364da2661108)
http://pear.php.net/bugs/bug.php?id=16200(af854a3a-2127-422b-91ae-364da2661108)
http://pear.php.net/bugs/bug.php?id=16200&edit=12&patch=quick-fix&revision=1241757412(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/37410(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/37458(af854a3a-2127-422b-91ae-364da2661108)
http://svn.php.net/viewvc/pear/packages/Mail/trunk/Mail/sendmail.php?r1=243717&r2=280134(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2009/dsa-1938(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2009/11/23/8(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/37081(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2009/3300(af854a3a-2127-422b-91ae-364da2661108)
https://bugs.gentoo.org/show_bug.cgi?id=294256(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/54362(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.