[php-maint] Bug#341368: CVE-2005-3883: Injection of arbitrary values into the To:-header of the mb_send_mail() function
Moritz Muehlenhoff
jmm at inutil.org
Wed Nov 30 09:08:57 UTC 2005
Package: php5
Severity: important
Tags: security
Quoting from http://bugs.php.net/bug.php?id=35307:
Description:
------------
An unexpected header can be injected via the mb_send_mail function.
The mail function checks "To" and "Subject" for unexpected control codes.
However, the mb_send_mail function does not perform this check.
Through the function overload feature, the mail function is replaced by
the mb_send_mail function.
Therefore, I think that a check like the one in the mail function is
necessary for the mb_send_mail function, too.
This has been assigned CVE-2005-3883 and it's fixed upstream in 5.1.0.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-2-686
Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15 at euro (charmap=ISO-8859-15)
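As an added example that is not part of this bug report or of PHP's own source, the following PHP wrapper applies to header-bound values the control-character check the report says mail() performs and mb_send_mail() lacked, and only then delegates to mb_send_mail(); the function names and the sample inputs are constructed for illustration.

```php
<?php
// Added example, not code from the bug report or from PHP itself: a wrapper
// that checks "To", "Subject" and any extra headers for control characters
// before handing the message to mb_send_mail(), which in the affected
// versions passed those values through unchecked. Function names and the
// sample inputs are constructed for illustration.

/** True if $value contains CR, LF or any other ASCII control character. */
function header_value_has_control_chars(string $value): bool
{
    // Bytes 0x00-0x1F and 0x7F; CR/LF are the ones that end the current
    // header line and let the remainder be parsed as a further header.
    return preg_match('/[\x00-\x1F\x7F]/', $value) === 1;
}

/**
 * Validate every header-bound value, then send. Extra headers are taken as
 * name => value pairs and serialised here, so no caller-supplied CRLF ever
 * reaches the header block.
 */
function safe_mb_send_mail(string $to, string $subject, string $message, array $extraHeaders = []): bool
{
    $checked = ['To' => $to, 'Subject' => $subject] + $extraHeaders;
    foreach ($checked as $name => $value) {
        // Header names must be plain tokens; values must carry no control bytes.
        if (!preg_match('/^[A-Za-z0-9-]+$/', (string) $name)
            || header_value_has_control_chars((string) $value)) {
            trigger_error("Refusing to send: unsafe header '$name'", E_USER_WARNING);
            return false;
        }
    }
    $headerLines = [];
    foreach ($extraHeaders as $name => $value) {
        $headerLines[] = "$name: $value";
    }
    return mb_send_mail($to, $subject, $message, implode("\r\n", $headerLines));
}

// Constructed inputs: the second and third embed a line break followed by
// text that a mail transport would read as an additional header.
$samples = [
    "alice@example.com",
    "alice@example.com\r\nX-Injected: 1",
    "Status report\nX-Injected: 1",
];
foreach ($samples as $s) {
    printf("%-40s %s\n", json_encode($s), header_value_has_control_chars($s) ? 'REJECTED' : 'ok');
}
```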