CVE-2002-0986

The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www.securityfocus.com/bid/5562	Patch Vendor Advisory
http://www.debian.org/security/2002/dsa-168
http://www.novell.com/linux/security/advisories/2002_036_modphp4.html
http://www.redhat.com/support/errata/RHSA-2002-213.html
http://www.redhat.com/support/errata/RHSA-2002-214.html
http://www.redhat.com/support/errata/RHSA-2002-243.html
http://www.redhat.com/support/errata/RHSA-2002-244.html
http://www.redhat.com/support/errata/RHSA-2002-248.html
http://www.redhat.com/support/errata/RHSA-2003-159.html
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000545
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082
http://www.kb.cert.org/vuls/id/410609	US Government Resource
http://www.osvdb.org/2160
http://marc.info/?l=bugtraq&m=103011916928204&w=2
http://marc.info/?l=bugtraq&m=105760591228031&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/9959

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:php:php:4.0.3:::::::*
	cpe:2.3:a:php:php:4.0.3:patch1::::::
	cpe:2.3:a:php:php:4.2.0:::::::*
	cpe:2.3:a:php:php:4.2.1:::::::*
	cpe:2.3:a:php:php:4.0.1:patch2::::::
	cpe:2.3:a:php:php:4.0.2:::::::*
	cpe:2.3:a:php:php:4.1.1:::::::*
	cpe:2.3:a:php:php:4.1.2:::::::*
	cpe:2.3:a:php:php:3.0.18:::::::*
	cpe:2.3:a:php:php:4.0:::::::*
	cpe:2.3:a:php:php:4.0.4:::::::*
	cpe:2.3:a:php:php:4.1.0:::::::*
	cpe:2.3:a:php:php:4.0.5:::::::*
	cpe:2.3:a:php:php:4.2.2:::::::*
	cpe:2.3:a:php:php:4.0.7:::::::*
	cpe:2.3:a:php:php:4.0.1:patch1::::::
	cpe:2.3:a:php:php:4.0.6:::::::*
	cpe:2.3:a:php:php:4.0.1:::::::*

Information

Published : 2002-09-23 21:00

Updated : 2017-10-09 18:30

NVD link : CVE-2002-0986

Mitre link : CVE-2002-0986

JSON object : View

CWE

NVD-CWE-Other

Products Affected

php

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/5562", "name": "5562", "tags": ["Patch", "Vendor Advisory"], "refsource": "BID"}, {"url": "http://www.debian.org/security/2002/dsa-168", "name": "DSA-168", "tags": [], "refsource": "DEBIAN"}, {"url": "http://www.novell.com/linux/security/advisories/2002_036_modphp4.html", "name": "SuSE-SA:2002:036", "tags": [], "refsource": "SUSE"}, {"url": "http://www.redhat.com/support/errata/RHSA-2002-213.html", "name": "RHSA-2002:213", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.redhat.com/support/errata/RHSA-2002-214.html", "name": "RHSA-2002:214", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.redhat.com/support/errata/RHSA-2002-243.html", "name": "RHSA-2002:243", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.redhat.com/support/errata/RHSA-2002-244.html", "name": "RHSA-2002:244", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.redhat.com/support/errata/RHSA-2002-248.html", "name": "RHSA-2002:248", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.redhat.com/support/errata/RHSA-2003-159.html", "name": "RHSA-2003:159", "tags": [], "refsource": "REDHAT"}, {"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000545", "name": "CLA-2002:545", "tags": [], "refsource": "CONECTIVA"}, {"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt", "name": "CSSA-2003-008.0", "tags": [], "refsource": "CALDERA"}, {"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082", "name": "MDKSA-2003:082", "tags": [], "refsource": "MANDRAKE"}, {"url": "http://www.kb.cert.org/vuls/id/410609", "name": "VU#410609", "tags": ["US Government Resource"], "refsource": "CERT-VN"}, {"url": "http://www.osvdb.org/2160", "name": "2160", "tags": [], "refsource": "OSVDB"}, {"url": "http://marc.info/?l=bugtraq&m=103011916928204&w=2", "name": "20020823 PHP: Bypass safe_mode and inject ASCII control chars with mail()", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://marc.info/?l=bugtraq&m=105760591228031&w=2", "name": "20030707 [OpenPKG-SA-2003.032] OpenPKG Security Advisory (php)", "tags": [], "refsource": "BUGTRAQ"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9959", "name": "php-mail-ascii-injection(9959)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a \"spam proxy.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2002-0986", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2002-09-24T04:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-10-10T01:30Z"}

5.0 /10