Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2007-1718
Description:CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of the (1) Subject or (2) To parameter, as demonstrated by a parameter containing a "\r\n\t\n" sequence, related to an increment bug in the SKIP_LONG_HEADER_SEP macro.
Test IDs:  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2007-1718
BugTraq ID: 23145
Debian Security Information: DSA-1282 (Google Search)
Debian Security Information: DSA-1283 (Google Search)
RedHat Security Advisories: RHSA-2007:0153
RedHat Security Advisories: RHSA-2007:0155
RedHat Security Advisories: RHSA-2007:0162
SuSE Security Announcement: SUSE-SA:2007:032 (Google Search)
XForce ISS Database: php-mailfunction-header-injection(33516)

© 1998-2021 E-Soft Inc. All rights reserved.