← back
CVE-2009-4417

CVE-2009-4417

EPSS 0.9%
The shutdown function in the Zend_Log_Writer_Mail class in Zend Framework (ZF) allows context-dependent attackers to send arbitrary e-mail messages to any recipient address via vectors related to "events not yet mailed."
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://www.sektioneins.de/en/advisories/advisory-032009-piwik-cookie-unserialize-vulnerability/http://www.suspekt.org/2009/12/09/advisory-032009-piwik-cookie-unserialize-vulnerability/